Merge pull request #137 from alphagov/fix-logged-in-at

Capture logged in at when password is verified

app/user/rest.py

@@ -1,5 +1,5 @@
 from datetime import datetime
-from flask import (jsonify, request, abort, Blueprint, current_app)
+from flask import (jsonify, request, abort, Blueprint)
 from app import encryption
 
 from app.dao.users_dao import (
@@ -77,6 +77,8 @@ def verify_user_password(user_id):
             result="error",
             message={'password': ['Required field missing data']}), 400
     if user_to_verify.check_password(txt_pwd):
+        user_to_verify.logged_in_at = datetime.utcnow()
+        save_model_user(user_to_verify)
         reset_failed_login_count(user_to_verify)
         return jsonify({}), 204
     else:

tests/app/user/test_rest_verify.py

@@ -2,10 +2,11 @@ import json
 import moto
 from datetime import (datetime, timedelta)
 from flask import url_for
-from app.models import (VerifyCode)
+from app.models import (VerifyCode, User)
 import app.celery.tasks
 from app import db, encryption
 from tests import create_authorization_header
+from freezegun import freeze_time
 
 
 def test_user_verify_code_sms(notify_api,
@@ -137,6 +138,7 @@ def test_user_verify_code_email_expired_code(notify_api,
             assert not VerifyCode.query.first().code_used
 
 
+@freeze_time("2016-01-01 10:00:00.000000")
 def test_user_verify_password(notify_api,
                               notify_db,
                               notify_db_session,
@@ -156,6 +158,7 @@ def test_user_verify_password(notify_api,
                 data=data,
                 headers=[('Content-Type', 'application/json'), auth_header])
             assert resp.status_code == 204
+            User.query.get(sample_user.id).logged_in_at == datetime.utcnow()
 
 
 def test_user_verify_password_invalid_password(notify_api,