darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity
236 Commits 51 Branches 59 Tags
ec020a42f40d0b483249e14b8214e1dcaf495a5a
Commit Graph

36 Commits

Author SHA1 Message Date
Rebecca Law
2b4097dd2d 109526036: Updates as per comments made on pull request. 2015-12-10 15:21:06 +00:00
Rebecca Law
588730d594 109526036: Persist the verify code to the db. 
The codes are hashed and saved to the db.
The code is marked as used once a valid code is submitted.
The code is valid for 1 hour.
The codes are no longer saved to the session.
 2015-12-10 14:48:01 +00:00
Rebecca Law
975aaf58ff 109638656: Add mocker for api client, which tries to send sms 2015-12-09 12:11:43 +00:00
Rebecca Law
9ba229820a 109638656: Implementation of two factor verification 
Validation of the code is done in the form, when the form.validate_on_submit is called the validate code methods are called as well.
 2015-12-09 11:36:57 +00:00
Rebecca Law
1af2dd5e98 109638656: Use Regex validator for sms code to ensure it is 5 digits. 2015-12-09 10:17:50 +00:00
Rebecca Law
7570a80a00 109638656: Added test and moved common function to __init__ 2015-12-09 10:17:09 +00:00
Rebecca Law
2e59870490 109638656: Implement two factor verify flow 
When user enters valid sms code they are redirected to the dashboard.
Otherwise, form errors are present.
 2015-12-09 10:17:09 +00:00
Rebecca Law
c946f85f9d 109638656: Send sms code from sign-in post. 2015-12-09 10:16:30 +00:00
Rebecca Law
eae2756a5e 109638656: Initial implementation for two-factor 2015-12-09 10:15:41 +00:00
Rebecca Law
ae19161b32 109526520: Use Regex validator to test the code is 5 digits. 2015-12-09 10:12:21 +00:00
Rebecca Law
9923c14e73 109526520: Changed the code form fields to StringField 
When the codes were IntegerFields and the code started with zero, the zero was trimmed, resulting in a failed match.
 2015-12-09 10:12:21 +00:00
Rebecca Law
bef2258803 109526520: Add custom validators for the VerifyForm 
If the email_code or sms_code entered does not pass check password, then add errors to the form.
 2015-12-09 10:12:21 +00:00
Rebecca Law
16618e80f9 109526520: Implement verify flow 
When a person registers with a valid mobile number and email address,
a code will be sent to each. That person can enter the verify codes and continue to the add-service page.
 2015-12-09 10:12:21 +00:00
Rebecca Law
56db1ad400 109526520: fix code style 2015-12-09 10:12:21 +00:00
Rebecca Law
6d47c01117 109526520: Implememt verify post method. 2015-12-09 10:12:20 +00:00
Rebecca Law
69da9f8f32 109526520: render verify template with VerifyForm 2015-12-09 10:12:20 +00:00
Rebecca Law
229935c050 Remove test for temp_create_user, removed in previous commit. 2015-12-08 13:04:20 +00:00
Rebecca Law
a741c128da 108537814: Implementation of 3 factor authentication. 
The post register endpoint will send a random 5 digit code via sms and another via email.
If either code fails to send, the user will not be created and the person can register again.
The codes are saved to the session cookie, and expire in 1 hour.

Another iteration of this story will save the codes to a database.
 2015-12-04 16:27:11 +00:00
Rebecca Law
9d9b80bab7 Login user after they register 2015-12-01 16:45:11 +00:00
Rebecca Law
3b96b6e5ca 108536374: Implement a validator to exclude passwords on a blacklist 2015-12-01 16:45:11 +00:00
Rebecca Law
9e2cf2fa4c 108536366: Implement register flow 
Includes validation for gov.uk email address, mobile number with +44, password at least 10 char.
Form validation errors will be added to template in a later story.
User is created when form validates.
 2015-12-01 16:45:11 +00:00
Rebecca Law
4b90c1105b remvoe unused import 2015-12-01 16:41:49 +00:00
Rebecca Law
64d2cbb927 108536366: Implement register flow 
Includes validation for gov.uk email address, mobile number with +44, password at least 10 char.
Form validation errors will be added to template in a later story.
User is created when form validates.
 2015-12-01 16:41:49 +00:00
Rebecca Law
e8d2a81597 108536490: Fix bug when user does not exist and tries to sign in 2015-12-01 10:35:49 +00:00
Rebecca Law
de0efcb508 108536490: Add test that post with bad password when account is locked results in 401 2015-12-01 10:00:07 +00:00
Rebecca Law
edfc1d6efc 108536490: Implement User.is_active() 
If the state of the user is inactive the user.is_active() returns false.
 2015-12-01 10:00:07 +00:00
Rebecca Law
3b27db98ff 108536490: Implement locked out function. 
User is locked if they fail to login 10 times or more.
 2015-12-01 10:00:07 +00:00
Rebecca Law
ff9e98907e 108536490: Update encryption for password 2015-12-01 10:00:07 +00:00
Rebecca Law
6f61906fd4 108536490: Implement LoginManager for the admin app. 
Also added csrf error handler, will make the session unauthorized if the csrf token is invalid.
 2015-12-01 10:00:06 +00:00
Rebecca Law
48b7a7dc37 108536490: Adding the login manager and csrf token. 
Still need to figure out how to override the load_user method, currently it is not working.
 2015-12-01 10:00:06 +00:00
Rebecca Law
7f96ef5a25 108536490: Initial effort to implement log in 
Add endpoint for post to /sign-in
Initialise role data
 2015-12-01 10:00:06 +00:00
Rebecca Law
9e27ef964a Make users.name unique. 2015-11-26 11:53:49 +00:00
Rebecca Law
ed609eeec9 Removed intial app test, to be replaced by test of the real endpoints 2015-11-26 10:06:15 +00:00
Rebecca Law
af9e2cf0fa 108536234: Added a dao method to get all users. 2015-11-26 09:59:23 +00:00
Rebecca Law
abe1d8ae17 108536234: created users and roles data and domain model. 
You will need to run the /scripts/bootstrap.sh to create the database for test and the app.
 2015-11-25 15:29:12 +00:00
Rebecca Law
83a1dbd79d Added a blank test 2015-11-18 16:52:43 +00:00