From c155efc7ec99eb41e343806fdbedf18afbf7c5e3 Mon Sep 17 00:00:00 2001 From: Sam Date: Sun, 13 Mar 2022 09:01:23 +0100 Subject: [PATCH] API - send an email after successful password reset --- fittrackee/tests/users/test_auth_api.py | 64 ++++++++++++++++++++++++- fittrackee/users/auth.py | 14 ++++++ 2 files changed, 77 insertions(+), 1 deletion(-) diff --git a/fittrackee/tests/users/test_auth_api.py b/fittrackee/tests/users/test_auth_api.py index 0c66826d..de30552b 100644 --- a/fittrackee/tests/users/test_auth_api.py +++ b/fittrackee/tests/users/test_auth_api.py @@ -1847,7 +1847,34 @@ class TestPasswordUpdate(ApiTestCaseMixin): self.assert_400(response, 'password: 8 characters required\n') - def test_it_updates_password(self, app: Flask, user_1: User) -> None: + def test_it_does_not_send_email_after_error( + self, + app: Flask, + user_1: User, + password_change_email_mock: MagicMock, + ) -> None: + token = get_user_token(user_1.id, password_reset=True) + client = app.test_client() + + client.post( + '/api/auth/password/update', + data=json.dumps( + dict( + token=token, + password='1234567', + ) + ), + content_type='application/json', + ) + + password_change_email_mock.assert_not_called() + + def test_it_updates_password( + self, + app: Flask, + user_1: User, + password_change_email_mock: MagicMock, + ) -> None: token = get_user_token(user_1.id, password_reset=True) client = app.test_client() @@ -1867,6 +1894,41 @@ class TestPasswordUpdate(ApiTestCaseMixin): assert data['status'] == 'success' assert data['message'] == 'password updated' + def test_it_send_email_after_successful_update( + self, + app: Flask, + user_1: User, + password_change_email_mock: MagicMock, + ) -> None: + token = get_user_token(user_1.id, password_reset=True) + client = app.test_client() + + response = client.post( + '/api/auth/password/update', + data=json.dumps( + dict( + token=token, + password='12345678', + ) + ), + content_type='application/json', + environ_base={'HTTP_USER_AGENT': USER_AGENT}, + ) + + assert response.status_code == 200 + password_change_email_mock.send.assert_called_once_with( + { + 'language': 'en', + 'email': user_1.email, + }, + { + 'username': user_1.username, + 'fittrackee_url': 'http://0.0.0.0:5000', + 'operating_system': 'linux', + 'browser_name': 'firefox', + }, + ) + class TestEmailUpdateWitUnauthenticatedUser(ApiTestCaseMixin): def test_it_returns_error_if_token_is_missing(self, app: Flask) -> None: diff --git a/fittrackee/users/auth.py b/fittrackee/users/auth.py index c7e10038..26e9d0da 100644 --- a/fittrackee/users/auth.py +++ b/fittrackee/users/auth.py @@ -1296,6 +1296,20 @@ def update_password() -> Union[Dict, HttpResponse]: password, current_app.config.get('BCRYPT_LOG_ROUNDS') ).decode() db.session.commit() + + password_change_email.send( + { + 'language': ('en' if user.language is None else user.language), + 'email': user.email, + }, + { + 'username': user.username, + 'fittrackee_url': current_app.config['UI_URL'], + 'operating_system': request.user_agent.platform, + 'browser_name': request.user_agent.browser, + }, + ) + return { 'status': 'success', 'message': 'password updated',