Merge pull request #45 from alphagov/request_verify_code

Create schema for RequestVerifyCodeSchema
This commit is contained in:
NIcholas Staples
2016-02-01 11:00:36 +00:00
4 changed files with 42 additions and 25 deletions

View File

@@ -155,16 +155,18 @@ class Job(db.Model):
onupdate=datetime.datetime.now)
VERIFY_CODE_TYPES = ['email', 'sms']
class VerifyCode(db.Model):
__tablename__ = 'verify_codes'
code_types = ['email', 'sms']
id = db.Column(db.Integer, primary_key=True)
user_id = db.Column(db.Integer, db.ForeignKey('users.id'), index=True, nullable=False)
user = db.relationship('User', backref=db.backref('verify_codes', lazy='dynamic'))
_code = db.Column(db.String, nullable=False)
code_type = db.Column(db.Enum(*code_types, name='verify_code_types'), index=False, unique=False, nullable=False)
code_type = db.Column(db.Enum(*VERIFY_CODE_TYPES, name='verify_code_types'),
index=False, unique=False, nullable=False)
expiry_datetime = db.Column(db.DateTime, nullable=False)
code_used = db.Column(db.Boolean, default=False)
created_at = db.Column(

View File

@@ -1,6 +1,8 @@
from flask_marshmallow.fields import fields
from . import ma
from . import models
from marshmallow import post_load
from marshmallow import post_load, ValidationError
# TODO I think marshmallow provides a better integration and error handling.
# Would be better to replace functionality in dao with the marshmallow supported
@@ -9,7 +11,6 @@ from marshmallow import post_load
class BaseSchema(ma.ModelSchema):
def __init__(self, *args, load_json=False, **kwargs):
self.load_json = load_json
super(BaseSchema, self).__init__(*args, **kwargs)
@@ -27,7 +28,6 @@ class BaseSchema(ma.ModelSchema):
class UserSchema(BaseSchema):
class Meta:
model = models.User
exclude = (
@@ -36,36 +36,35 @@ class UserSchema(BaseSchema):
class ServiceSchema(BaseSchema):
class Meta:
model = models.Service
exclude = ("updated_at", "created_at", "api_keys", "templates", "jobs", "queue_name")
class TemplateSchema(BaseSchema):
class Meta:
model = models.Template
exclude = ("updated_at", "created_at", "service_id", "jobs")
class ApiKeySchema(BaseSchema):
class Meta:
model = models.ApiKey
exclude = ("service", "secret")
class JobSchema(BaseSchema):
class Meta:
model = models.Job
class VerifyCodeSchema(BaseSchema):
class Meta:
model = models.VerifyCode
exclude = ('user', "_code", "expiry_datetime", "code_used", "created_at")
class RequestVerifyCodeSchema(ma.Schema):
def verify_code_type(self):
if self not in models.VERIFY_CODE_TYPES:
raise ValidationError('Invalid code type')
code_type = fields.Str(required=True, validate=verify_code_type)
to = fields.Str(required=False)
user_schema = UserSchema()
@@ -83,4 +82,4 @@ api_keys_schema = ApiKeySchema(many=True)
job_schema = JobSchema()
job_schema_load_json = JobSchema(load_json=True)
jobs_schema = JobSchema(many=True)
verify_code_schema = VerifyCodeSchema()
request_verify_code_schema = RequestVerifyCodeSchema()

View File

@@ -15,8 +15,8 @@ from app.dao.users_dao import (
)
from app.schemas import (
user_schema, users_schema, service_schema, services_schema,
verify_code_schema, user_schema_load_json)
from app import db, notify_alpha_client
request_verify_code_schema, user_schema_load_json)
from app import notify_alpha_client
from flask import Blueprint
@@ -126,24 +126,22 @@ def send_user_code(user_id):
except NoResultFound:
return jsonify(result="error", message="User not found"), 404
request_json = request.get_json()
verify_code, errors = verify_code_schema.load(request_json)
verify_code, errors = request_verify_code_schema.load(request.get_json())
if errors:
return jsonify(result="error", message=errors), 400
from app.dao.users_dao import create_secret_code
secret_code = create_secret_code()
create_user_code(user, secret_code, verify_code.code_type)
create_user_code(user, secret_code, verify_code.get('code_type'))
# TODO this will need to fixed up when we stop using
# notify_alpha_client
if verify_code.code_type == 'sms':
mobile = user.mobile_number if 'to' not in request_json else request_json['to']
if verify_code.get('code_type') == 'sms':
mobile = user.mobile_number if verify_code.get('to', None) is None else verify_code.get('to')
notify_alpha_client.send_sms(
mobile_number=mobile,
message=secret_code)
elif verify_code.code_type == 'email':
email = user.email_address if 'to' not in request_json else request_json['to']
elif verify_code.get('code_type') == 'email':
email = user.email_address if verify_code.get('to', None) is None else verify_code.get('to')
notify_alpha_client.send_email(
email,
secret_code,

View File

@@ -348,3 +348,21 @@ def test_send_user_code_for_email_uses_optional_to_field(notify_api,
'11111',
'notify@digital.cabinet-office.gov.uk',
'Verification code')
def test_request_verify_code_schema_invalid_code_type(notify_api, notify_db, notify_db_session, sample_user):
import json
from app.schemas import request_verify_code_schema
data = json.dumps({'code_type': 'not_sms'})
code, error = request_verify_code_schema.loads(data)
assert code == {}
assert error == {'code_type': ['Invalid code type']}
def test_request_verify_code_schema_with_to(notify_api, notify_db, notify_db_session, sample_user):
import json
from app.schemas import request_verify_code_schema
data = json.dumps({'code_type': 'sms', 'to': 'some@one.gov.uk'})
code, error = request_verify_code_schema.loads(data)
assert code == {'code_type': 'sms', 'to': 'some@one.gov.uk'}
assert error == {}