darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
ad9ce73c14cfb81ed91b424ec925c4b4b05c212e
notifications-admin/tests/app/main/views/test_forgot_password.py
Rebecca Law bb1db0c345 When the user request a reset password link, the user.state is set to request_password_reset. 
Which means the user will only be able to reset their password, and not sign-in.
Once the user resets the password the user state is set to active once more.
If the link is used a second time they will be redirected to the index page with a message
that the link in the email is not longer valid.
2016-01-11 12:23:08 +00:00

42 lines
2.2 KiB
Python
Raw Blame History

from flask import url_for
from app.main.dao import users_dao
from app.main.views import generate_token
from tests.app.main import create_test_user
def test_should_render_forgot_password(notifications_admin, notifications_admin_db, notify_db_session):
response = notifications_admin.test_client().get('/forgot-password')
assert response.status_code == 200
assert 'If you have forgotten your password, we can send you an email to create a new password.' \
in response.get_data(as_text=True)
def test_should_redirect_to_password_reset_sent_and_state_updated(notifications_admin,
notifications_admin_db,
mocker,
notify_db_session):
mocker.patch("app.admin_api_client.send_email")
user = create_test_user('active')
response = notifications_admin.test_client().post('/forgot-password',
data={'email_address': user.email_address})
assert response.status_code == 200
assert 'You have been sent an email containing a link to reset your password.' in response.get_data(
as_text=True)
assert users_dao.get_user_by_id(user.id).state == 'request_password_reset'
def test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired(notifications_admin,
notifications_admin_db,
notify_db_session):
with notifications_admin.test_request_context():
with notifications_admin.test_client() as client:
notifications_admin.config['TOKEN_MAX_AGE_SECONDS'] = -1000
user = create_test_user('active')
token = generate_token(user.email_address)
response = client.post('/new-password/{}'.format(token),
data={'new_password': 'a-new_password'})
assert response.status_code == 302
assert response.location == url_for('.forgot_password', _external=True)
notifications_admin.config['TOKEN_MAX_AGE_SECONDS'] = 86400
Reference in New Issue View Git Blame Copy Permalink