From 4f8c2d31a5b046a5e430b33b0115a303aa00c904 Mon Sep 17 00:00:00 2001
From: Martyn Inglis <martyn.inglis@digital.cabinet-office.gov.uk>
Date: Mon, 7 Mar 2016 15:01:40 +0000
Subject: [PATCH] Capture logged in at when password is verified

---
 app/user/rest.py                   | 4 +++-
 tests/app/user/test_rest_verify.py | 5 ++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/app/user/rest.py b/app/user/rest.py
index 9977410db..6287522b6 100644
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -1,5 +1,5 @@
 from datetime import datetime
-from flask import (jsonify, request, abort, Blueprint, current_app)
+from flask import (jsonify, request, abort, Blueprint)
 from app import encryption
 
 from app.dao.users_dao import (
@@ -77,6 +77,8 @@ def verify_user_password(user_id):
             result="error",
             message={'password': ['Required field missing data']}), 400
     if user_to_verify.check_password(txt_pwd):
+        user_to_verify.logged_in_at = datetime.utcnow()
+        save_model_user(user_to_verify)
         reset_failed_login_count(user_to_verify)
         return jsonify({}), 204
     else:
diff --git a/tests/app/user/test_rest_verify.py b/tests/app/user/test_rest_verify.py
index 10310627c..98d9b65fd 100644
--- a/tests/app/user/test_rest_verify.py
+++ b/tests/app/user/test_rest_verify.py
@@ -2,10 +2,11 @@ import json
 import moto
 from datetime import (datetime, timedelta)
 from flask import url_for
-from app.models import (VerifyCode)
+from app.models import (VerifyCode, User)
 import app.celery.tasks
 from app import db, encryption
 from tests import create_authorization_header
+from freezegun import freeze_time
 
 
 def test_user_verify_code_sms(notify_api,
@@ -137,6 +138,7 @@ def test_user_verify_code_email_expired_code(notify_api,
             assert not VerifyCode.query.first().code_used
 
 
+@freeze_time("2016-01-01 10:00:00.000000")
 def test_user_verify_password(notify_api,
                               notify_db,
                               notify_db_session,
@@ -156,6 +158,7 @@ def test_user_verify_password(notify_api,
                 data=data,
                 headers=[('Content-Type', 'application/json'), auth_header])
             assert resp.status_code == 204
+            User.query.get(sample_user.id).logged_in_at == datetime.utcnow()
 
 
 def test_user_verify_password_invalid_password(notify_api,