add email code verification

by hitting POST /<user_id>/email-code, we create an email two factor code to send to the user. That email contains a link with a token that will sign the user in when opened. Also some other things: "email verification" (aka when you first create an account) doesn't hit the API anymore refactor 2fa code verification and sending to use jsonschema, and share code between sms and email Die marshmallow die!
2026-02-01 23:55:58 -05:00 · 2017-11-03 09:51:50 +00:00
parent 8b2c242355
commit b2756ac99d
6 changed files with 109 additions and 78 deletions
--- a/tests/app/user/test_rest_verify.py
+++ b/tests/app/user/test_rest_verify.py
@@ -40,25 +40,6 @@ def test_user_verify_sms_code(client, sample_sms_code):
    assert sample_sms_code.user.current_session_id is not None


-@freeze_time('2016-01-01T12:00:00')
-def test_user_verify_email_code(client, sample_email_code):
-    sample_email_code.user.logged_in_at = datetime.utcnow() - timedelta(days=1)
-    assert not VerifyCode.query.first().code_used
-    assert sample_email_code.user.current_session_id is None
-    data = json.dumps({
-        'code_type': sample_email_code.code_type,
-        'code': sample_email_code.txt_code})
-    auth_header = create_authorization_header()
-    resp = client.post(
-        url_for('user.verify_user_code', user_id=sample_email_code.user.id),
-        data=data,
-        headers=[('Content-Type', 'application/json'), auth_header])
-    assert resp.status_code == 204
-    assert VerifyCode.query.first().code_used
-    assert sample_email_code.user.logged_in_at == datetime.utcnow() - timedelta(days=1)
-    assert sample_email_code.user.current_session_id is None
-
-
 def test_user_verify_code_missing_code(client,
                                       sample_sms_code):
    assert not VerifyCode.query.first().code_used
@@ -207,11 +188,9 @@ def test_send_user_sms_code(client,
    assert resp.status_code == 204

    assert mocked.call_count == 1
-    assert VerifyCode.query.count() == 1
-    assert VerifyCode.query.first().check_code('11111')
+    assert VerifyCode.query.one().check_code('11111')

-    assert Notification.query.count() == 1
-    notification = Notification.query.first()
+    notification = Notification.query.one()
    assert notification.personalisation == {'verify_code': '11111'}
    assert notification.to == sample_user.mobile_number
    assert str(notification.service_id) == current_app.config['NOTIFY_SERVICE_ID']