Previously this was hidden away in an anonymous __init__.py file.
I did think about splitting the models into individual files, like
we do with the top-level models for the app. Since the models are
only imported in one place - i.e. are all used together - it didn't
seem worth the hassle, so I've kept them in one file.
This saves a bit of repetition, and lets us attach other methods to the
collection, rather than having multiple methods on the user object
prefixed with the same name, or random functions floating about.
this is in line with our settings during registration. user verification
involves the browser popping up a PIN prompt. Since the user has already
entered their password correctly to get to this stage, we don't need any
more proof of Something They Know, so there's no need for this.
both routes are already valid, however, the link from sign-in sends to
the old link. it fetches whichever URL is second in the route decorator
list when you call `url_for`. Swapping the order around keeps the routes
valid but starts pointing users to the new url.
the next url comes from sign in via a query param, and needs to go to
the POST /webauthn/authenticate endpoint. That endpoint logs the user
in and returns the redirect to the browser, and will take the next from
the request query params to get there.
also moving the window mocks to beforeEach/afterEach ensures that
promise callbacks from previous tests aren't still associated in future
tests to ensure good test isolation.
unfortunately i couldn't get mocking location for a single js test to
work, but by changing the global config i was able to add some query
params that i can expect to be passed through. Don't love this at all
but not quite sure of a good way round this. I think we're not
practicing very good hygiene and best practices with our mocking and
it's really confounding me here.
We only need domains in here which either:
- don’t belong to a single organisation (eg gov.uk)
All other domains should be stored in the database.
This PR removes domains which are now in the database.
Before
---
```sql
select domain from domain where domain in ('gov.uk', 'mod.uk', 'mil.uk', 'd
dc-mod.org', 'gov.scot', 'parliament.scot', 'parliament.uk', 'nhs.uk', 'nhs.net', 'nhs.scot', 'police.uk', 'scotent.c
o.uk', 'assembly.wales', 'cjsm.net', 'gov.wales', 'ac.uk', 'sch.uk', 'onevoicewales.wales', 'mtvh.co.uk', 'wmca.org.u
k', 'suttonmail.org');
```
+-----------------+
| domain |
|-----------------+
| mtvh.co.uk |
| wmca.org.uk |
| gov.wales |
| gov.scot |
| parliament.uk |
| assembly.wales |
| mil.uk |
| mod.uk |
| ddc-mod.org |
| parliament.scot |
| scotent.co.uk |
+-----------------+
After
---
```sql
select domain from domain where domain in ('gov.uk', 'nhs.uk', 'nhs.ne
t', 'nhs.scot', 'police.uk', 'cjsm.net', 'ac.uk', 'sch.uk', 'onevoicewales.wales', 'suttonmail.org') ;
```
+----------+
| domain |
|----------|
+----------+
'all' isn't a valid channel. It should be one of government, severe or
test. I think this is a mistake and therefore this commit changes it to
what it should be