Don’t update email_access_validated_at on password reset

As of https://github.com/alphagov/notifications-admin/pull/4000/files the admin app is doing this, so we don’t need to do it here as well.
2025-12-20 07:21:13 -05:00 · 2021-08-17 16:59:51 +01:00
parent 43f010ea1b
commit 2c7e4657ce
4 changed files with 6 additions and 27 deletions
--- a/app/dao/users_dao.py
+++ b/app/dao/users_dao.py
@@ -123,12 +123,10 @@ def reset_failed_login_count(user):
        db.session.commit()


-def update_user_password(user, password, validated_email_access=False):
+def update_user_password(user, password):
    # reset failed login count - they've just reset their password so should be fine
    user.password = password
    user.password_changed_at = datetime.utcnow()
-    if validated_email_access:
-        user.email_access_validated_at = datetime.utcnow()
    db.session.add(user)
    db.session.commit()