API - send an email after successful password reset

2022-03-13 09:01:23 +01:00 · 2022-03-13 09:01:23 +01:00 · c155efc7ec
commit c155efc7ec
parent ae0b9c36b2
2 changed files with 77 additions and 1 deletions
--- a/fittrackee/tests/users/test_auth_api.py
+++ b/fittrackee/tests/users/test_auth_api.py
@ -1847,7 +1847,34 @@ class TestPasswordUpdate(ApiTestCaseMixin):

        self.assert_400(response, 'password: 8 characters required\n')

-    def test_it_updates_password(self, app: Flask, user_1: User) -> None:
+    def test_it_does_not_send_email_after_error(
+        self,
+        app: Flask,
+        user_1: User,
+        password_change_email_mock: MagicMock,
+    ) -> None:
+        token = get_user_token(user_1.id, password_reset=True)
+        client = app.test_client()
+
+        client.post(
+            '/api/auth/password/update',
+            data=json.dumps(
+                dict(
+                    token=token,
+                    password='1234567',
+                )
+            ),
+            content_type='application/json',
+        )
+
+        password_change_email_mock.assert_not_called()
+
+    def test_it_updates_password(
+        self,
+        app: Flask,
+        user_1: User,
+        password_change_email_mock: MagicMock,
+    ) -> None:
        token = get_user_token(user_1.id, password_reset=True)
        client = app.test_client()

@ -1867,6 +1894,41 @@ class TestPasswordUpdate(ApiTestCaseMixin):
        assert data['status'] == 'success'
        assert data['message'] == 'password updated'

+    def test_it_send_email_after_successful_update(
+        self,
+        app: Flask,
+        user_1: User,
+        password_change_email_mock: MagicMock,
+    ) -> None:
+        token = get_user_token(user_1.id, password_reset=True)
+        client = app.test_client()
+
+        response = client.post(
+            '/api/auth/password/update',
+            data=json.dumps(
+                dict(
+                    token=token,
+                    password='12345678',
+                )
+            ),
+            content_type='application/json',
+            environ_base={'HTTP_USER_AGENT': USER_AGENT},
+        )
+
+        assert response.status_code == 200
+        password_change_email_mock.send.assert_called_once_with(
+            {
+                'language': 'en',
+                'email': user_1.email,
+            },
+            {
+                'username': user_1.username,
+                'fittrackee_url': 'http://0.0.0.0:5000',
+                'operating_system': 'linux',
+                'browser_name': 'firefox',
+            },
+        )
+

 class TestEmailUpdateWitUnauthenticatedUser(ApiTestCaseMixin):
    def test_it_returns_error_if_token_is_missing(self, app: Flask) -> None:
--- a/fittrackee/users/auth.py
+++ b/fittrackee/users/auth.py
@ -1296,6 +1296,20 @@ def update_password() -> Union[Dict, HttpResponse]:
            password, current_app.config.get('BCRYPT_LOG_ROUNDS')
        ).decode()
        db.session.commit()
+
+        password_change_email.send(
+            {
+                'language': ('en' if user.language is None else user.language),
+                'email': user.email,
+            },
+            {
+                'username': user.username,
+                'fittrackee_url': current_app.config['UI_URL'],
+                'operating_system': request.user_agent.platform,
+                'browser_name': request.user_agent.browser,
+            },
+        )
+
        return {
            'status': 'success',
            'message': 'password updated',