Use GOV.UK Notify service to send the forgot password email link using the template to create the message.

2025-12-20 15:31:15 -05:00 · 2016-06-16 10:43:41 +01:00
parent 92fdba7010
commit d6e920fa89
2 changed files with 25 additions and 9 deletions
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -217,11 +217,20 @@ def send_user_reset_password():

    user_to_send_to = get_user_by_email(email['email'])

-    reset_password_message = {'to': user_to_send_to.email_address,
-                              'name': user_to_send_to.name,
-                              'reset_password_url': _create_reset_password_url(user_to_send_to.email_address)}
-
-    email_reset_password.apply_async([encryption.encrypt(reset_password_message)], queue='email-reset-password')
+    template = dao_get_template_by_id(current_app.config['PASSWORD_RESET_TEMPLATE_ID'])
+    message = {
+        'template': str(template.id),
+        'template_version': template.version,
+        'to': user_to_send_to.email_address,
+        'personalisation': {
+            'user_name': user_to_send_to.name,
+            'url': _create_verification_url(user_to_send_to, _create_reset_password_url(user_to_send_to.email_address))
+        }
+    }
+    send_email.apply_async([current_app.config['NOTIFY_SERVICE_ID'],
+                            str(uuid.uuid4()),
+                            encryption.encrypt(message),
+                            datetime.utcnow().strftime(DATETIME_FORMAT)], queue='email-reset-password')

    return jsonify({}), 204

--- a/tests/app/user/test_rest.py
+++ b/tests/app/user/test_rest.py
@@ -1,6 +1,7 @@
 import json

-from flask import url_for
+from flask import url_for, current_app
+from freezegun import freeze_time

 import app
 from app.models import (User, Permission, MANAGE_SETTINGS, MANAGE_TEMPLATES)
@@ -391,13 +392,15 @@ def test_set_user_permissions_remove_old(notify_api,
            assert query.first().permission == MANAGE_SETTINGS


+@freeze_time("2016-01-01 11:09:00.061258")
 def test_send_user_reset_password_should_send_reset_password_link(notify_api,
                                                                  sample_user,
                                                                  mocker,
                                                                  mock_encryption):
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
-            mocker.patch('app.celery.tasks.email_reset_password.apply_async')
+            mocker.patch('uuid.uuid4', return_value='some_uuid')  # for the notification id
+            mocker.patch('app.celery.tasks.send_email.apply_async')
            data = json.dumps({'email': sample_user.email_address})
            auth_header = create_authorization_header()
            resp = client.post(
@@ -406,8 +409,12 @@ def test_send_user_reset_password_should_send_reset_password_link(notify_api,
                headers=[('Content-Type', 'application/json'), auth_header])

            assert resp.status_code == 204
-            app.celery.tasks.email_reset_password.apply_async.assert_called_once_with(['something_encrypted'],
-                                                                                      queue='email-reset-password')
+            app.celery.tasks.send_email.apply_async.assert_called_once_with(
+                [str(current_app.config['NOTIFY_SERVICE_ID']),
+                 'some_uuid',
+                 "something_encrypted",
+                 "2016-01-01T11:09:00.061258"],
+                queue="email-reset-password")


 def test_send_user_reset_password_should_return_400_when_user_doesnot_exist(notify_api,