API - display security infos only when provided

This commit is contained in:
Sam 2022-03-12 10:09:43 +01:00
parent c155efc7ec
commit d13a3704c5
12 changed files with 456 additions and 16 deletions

@ -215,8 +215,8 @@
<h1>Hi {{username}},</h1> <h1>Hi {{username}},</h1>
<p>The password for your FitTrackee account has been changed.</p> <p>The password for your FitTrackee account has been changed.</p>
<p> <p>
For security, this request was received from a {{operating_system}} device using {{browser_name}}. {% if operating_system and browser_name %}For security, this request was received from a {{operating_system}} device using {{browser_name}}.
If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked. {% endif %}If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked.
</p> </p>
<p>Thanks, <p>Thanks,
<br> <br>
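Review bot: The guard `{% if operating_system and browser_name %}` on the changed line drops the whole "For security, this request was received from…" sentence when only one of the two values is present, so a request with a known operating system but no browser name produces a mail with no origin hint at all. If that is intended, state it in the commit message or a template comment; otherwise render whichever value is available. The same condition is repeated in all eight templates touched by this commit, so passing a single precomputed flag in the template data would keep the copies from drifting apart.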

@ -2,8 +2,8 @@ Hi {{username}},
The password for your FitTrackee account has been changed. The password for your FitTrackee account has been changed.
For security, this request was received from a {{operating_system}} device using {{browser_name}}. {% if operating_system and browser_name %}For security, this request was received from a {{operating_system}} device using {{browser_name}}.
If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked. {% endif %}If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked.
Thanks, Thanks,
The FitTrackee Team The FitTrackee Team

@ -215,8 +215,8 @@
<h1>Bonjour {{username}},</h1> <h1>Bonjour {{username}},</h1>
<p>Le mot de passe de votre compte FitTrackee a été modifié.</p> <p>Le mot de passe de votre compte FitTrackee a été modifié.</p>
<p> <p>
Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}. {% if operating_system and browser_name %}Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}.
Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué. {% endif %}Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué.
</p> </p>
<p>Merci, <p>Merci,
<br> <br>

@ -2,8 +2,8 @@ Bonjour {{username}},
Le mot de passe de votre compte FitTrackee a été modifié. Le mot de passe de votre compte FitTrackee a été modifié.
Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}. {% if operating_system and browser_name %}Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}.
Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué. {% endif %}Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué.
Merci, Merci,
L'équipe FitTrackee L'équipe FitTrackee

@ -230,8 +230,8 @@
</tr> </tr>
</table> </table>
<p> <p>
For security, this request was received from a {{operating_system}} device using {{browser_name}}. {% if operating_system and browser_name %}For security, this request was received from a {{operating_system}} device using {{browser_name}}.
If you did not request a password reset, please ignore this email. {% endif %}If you did not request a password reset, please ignore this email.
</p> </p>
<p>Thanks, <p>Thanks,
<br>The FitTrackee Team</p> <br>The FitTrackee Team</p>
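Review bot: `{{operating_system}}` and `{{browser_name}}` on the changed line are written straight into an HTML paragraph, and nothing in this hunk shows how they are escaped. Since this change treats them as optional data supplied by the caller, confirm that the environment rendering this HTML body has autoescaping enabled, or apply the `e` filter to both variables here.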

@ -4,8 +4,8 @@ You recently requested to reset your password for your FitTrackee account. Use t
Reset your password: {{ password_reset_url }} Reset your password: {{ password_reset_url }}
For security, this request was received from a {{operating_system}} device using {{browser_name}}. {% if operating_system and browser_name %}For security, this request was received from a {{operating_system}} device using {{browser_name}}.
If you did not request a password reset, please ignore this email. {% endif %}If you did not request a password reset, please ignore this email.
Thanks, Thanks,
The FitTrackee Team The FitTrackee Team

@ -231,8 +231,8 @@
</tr> </tr>
</table> </table>
<p> <p>
Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}. {% if operating_system and browser_name %}Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}.
Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail. {% endif %}Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail.
</p> </p>
<p>Merci, <p>Merci,
<br>L'équipe FitTrackee</p> <br>L'équipe FitTrackee</p>

@ -5,8 +5,8 @@ Cliquez sur le lien ci-dessous pour le réinitialiser. Ce lien n'est valide que
Réinitialiser le mot de passe : {{ password_reset_url }} Réinitialiser le mot de passe : {{ password_reset_url }}
Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}. {% if operating_system and browser_name %}Pour vérification, cette demande a été reçue à partir d'un appareil sous {{operating_system}}, utilisant le navigateur {{browser_name}}.
Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail. {% endif %}Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail.
Merci, Merci,
L'équipe FitTrackee L'équipe FitTrackee

@ -11,6 +11,16 @@ Thanks,
The FitTrackee Team The FitTrackee Team
http://localhost""" http://localhost"""
expected_en_text_body_without_security = """Hi test,
The password for your FitTrackee account has been changed.
If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked.
Thanks,
The FitTrackee Team
http://localhost"""
expected_fr_text_body = """Bonjour test, expected_fr_text_body = """Bonjour test,
Le mot de passe de votre compte FitTrackee a été modifié. Le mot de passe de votre compte FitTrackee a été modifié.
@ -22,6 +32,16 @@ Merci,
L'équipe FitTrackee L'équipe FitTrackee
http://localhost""" http://localhost"""
expected_fr_text_body_without_security = """Bonjour test,
Le mot de passe de votre compte FitTrackee a été modifié.
Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué.
Merci,
L'équipe FitTrackee
http://localhost"""
expected_en_html_body = """ <body> expected_en_html_body = """ <body>
<span class="preheader">Your password has been changed.</span> <span class="preheader">Your password has been changed.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation"> <table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
@ -75,6 +95,58 @@ expected_en_html_body = """ <body>
</body> </body>
</html>""" </html>"""
expected_en_html_body_without_security = """ <body>
<span class="preheader">Your password has been changed.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="email-masthead">
<a href="http://localhost" class="f-fallback email-masthead-name">
FitTrackee
</a>
</td>
</tr>
<tr>
<td class="email-body" width="100%" cellpadding="0" cellspacing="0">
<table class="email-body-inner" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell">
<div class="f-fallback">
<h1>Hi test,</h1>
<p>The password for your FitTrackee account has been changed.</p>
<p>
If this password change wasn't initiated by you, please change your password immediately or contact your administrator if your account is locked.
</p>
<p>Thanks,
<br>
The FitTrackee Team
</p>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table class="email-footer" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell" align="center">
<p class="f-fallback sub align-center">&copy; FitTrackee.</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>"""
expected_fr_html_body = """ <body> expected_fr_html_body = """ <body>
<span class="preheader">Votre mot de passe a été modifié.</span> <span class="preheader">Votre mot de passe a été modifié.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation"> <table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
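Review bot: `expected_en_html_body_without_security` adds about fifty lines of wrapper, masthead and footer markup in order to check that one sentence is absent from the `<p>` block, and the French fixture further down does the same. Consider building the with and without variants from one shared skeleton with the security sentence as a parameter, so a layout change does not have to be mirrored in four constants. An explicit assertion that "For security, this request was received from" is not in the rendered body would also state the intent of the test more directly than a full-body comparison.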
@ -127,3 +199,55 @@ expected_fr_html_body = """ <body>
</table> </table>
</body> </body>
</html>""" </html>"""
expected_fr_html_body_without_security = """ <body>
<span class="preheader">Votre mot de passe a été modifié.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="email-masthead">
<a href="http://localhost" class="f-fallback email-masthead-name">
FitTrackee
</a>
</td>
</tr>
<tr>
<td class="email-body" width="100%" cellpadding="0" cellspacing="0">
<table class="email-body-inner" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell">
<div class="f-fallback">
<h1>Bonjour test,</h1>
<p>Le mot de passe de votre compte FitTrackee a été modifié.</p>
<p>
Si vous n'êtes pas à l'origine de cette modification, veuillez changer votre mot de passe immédiatement ou contacter l'administrateur si votre compte est bloqué.
</p>
<p>Merci,
<br>
L'équipe FitTrackee
</p>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table class="email-footer" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell" align="center">
<p class="f-fallback sub align-center">&copy; FitTrackee.</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>"""

@ -13,6 +13,18 @@ Thanks,
The FitTrackee Team The FitTrackee Team
http://localhost""" http://localhost"""
expected_en_text_body_without_security = """Hi test,
You recently requested to reset your password for your FitTrackee account. Use the link below to reset it. This password reset link is only valid for 3 seconds.
Reset your password: http://localhost/password-reset?token=xxx
If you did not request a password reset, please ignore this email.
Thanks,
The FitTrackee Team
http://localhost"""
expected_fr_text_body = """Bonjour test, expected_fr_text_body = """Bonjour test,
Vous avez récemment demandé la réinitialisation du mot de passe de votre compte sur FitTrackee. Vous avez récemment demandé la réinitialisation du mot de passe de votre compte sur FitTrackee.
@ -27,6 +39,19 @@ Merci,
L'équipe FitTrackee L'équipe FitTrackee
http://localhost""" http://localhost"""
expected_fr_text_body_without_security = """Bonjour test,
Vous avez récemment demandé la réinitialisation du mot de passe de votre compte sur FitTrackee.
Cliquez sur le lien ci-dessous pour le réinitialiser. Ce lien n'est valide que pendant 3 secondes.
Réinitialiser le mot de passe : http://localhost/password-reset?token=xxx
Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail.
Merci,
L'équipe FitTrackee
http://localhost"""
expected_en_html_body = """ <body> expected_en_html_body = """ <body>
<span class="preheader">Use this link to reset your password. The link is only valid for 3 seconds.</span> <span class="preheader">Use this link to reset your password. The link is only valid for 3 seconds.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation"> <table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
@ -101,6 +126,79 @@ expected_en_html_body = """ <body>
</body> </body>
</html>""" </html>"""
expected_en_html_body_without_security = """ <body>
<span class="preheader">Use this link to reset your password. The link is only valid for 3 seconds.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="email-masthead">
<a href="http://localhost" class="f-fallback email-masthead-name">
FitTrackee
</a>
</td>
</tr>
<tr>
<td class="email-body" width="100%" cellpadding="0" cellspacing="0">
<table class="email-body-inner" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell">
<div class="f-fallback">
<h1>Hi test,</h1>
<p>You recently requested to reset your password for your account. Use the button below to reset it.
<strong>This password reset link is only valid for 3 seconds.</strong>
</p>
<table class="body-action" align="center" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0" role="presentation">
<tr>
<td align="center">
<a href="http://localhost/password-reset?token=xxx" class="f-fallback button button--green" target="_blank">Reset your password</a>
</td>
</tr>
</table>
</td>
</tr>
</table>
<p>
If you did not request a password reset, please ignore this email.
</p>
<p>Thanks,
<br>The FitTrackee Team</p>
<table class="body-sub" role="presentation">
<tr>
<td>
<p class="f-fallback sub">If youre having trouble with the button above, copy and paste the URL below into your web browser.</p>
<p class="f-fallback sub">http://localhost/password-reset?token=xxx</p>
</td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table class="email-footer" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell" align="center">
<p class="f-fallback sub align-center">&copy; FitTrackee.</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>"""
expected_fr_html_body = """ <body> expected_fr_html_body = """ <body>
<span class="preheader">Utiliser ce lien pour réinitialiser le mot de passe. Ce lien n'est valide que pendant 3 secondes.</span> <span class="preheader">Utiliser ce lien pour réinitialiser le mot de passe. Ce lien n'est valide que pendant 3 secondes.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation"> <table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
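Review bot: The added fixture line `If youre having trouble with the button above, …` is missing the apostrophe in "you're". If the fixture mirrors the template text, fix the template and the expected bodies together, otherwise the typo is locked in by the test.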
@ -175,3 +273,78 @@ expected_fr_html_body = """ <body>
</table> </table>
</body> </body>
</html>""" </html>"""
expected_fr_html_body_without_security = """ <body>
<span class="preheader">Utiliser ce lien pour réinitialiser le mot de passe. Ce lien n'est valide que pendant 3 secondes.</span>
<table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="email-masthead">
<a href="http://localhost" class="f-fallback email-masthead-name">
FitTrackee
</a>
</td>
</tr>
<tr>
<td class="email-body" width="100%" cellpadding="0" cellspacing="0">
<table class="email-body-inner" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell">
<div class="f-fallback">
<h1>Bonjour test,</h1>
<p>Vous avez récemment demandé la réinitialisation du mot de passe de votre compte sur FitTrackee.
Cliquez sur le bouton ci-dessous pour le réinitialiser.
<strong>Cette réinitialisation n'est valide que pendant 3 secondes.</strong>
</p>
<table class="body-action" align="center" width="100%" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0" role="presentation">
<tr>
<td align="center">
<a href="http://localhost/password-reset?token=xxx" class="f-fallback button button--green" target="_blank">Réinitialiser le mot de passe</a>
</td>
</tr>
</table>
</td>
</tr>
</table>
<p>
Si vous n'avez pas demandé de réinitialisation, vous pouvez ignorer cet e-mail.
</p>
<p>Merci,
<br>L'équipe FitTrackee</p>
<table class="body-sub" role="presentation">
<tr>
<td>
<p class="f-fallback sub">Si vous avez des problèmes avec le bouton, vous pouvez copier et coller le lien suivant dans votre navigateur</p>
<p class="f-fallback sub">http://localhost/password-reset?token=xxx</p>
</td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<table class="email-footer" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
<tr>
<td class="content-cell" align="center">
<p class="f-fallback sub align-center">&copy; FitTrackee.</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>"""

@ -5,9 +5,13 @@ from fittrackee.emails.email import EmailTemplate
from .template_results.password_change import ( from .template_results.password_change import (
expected_en_html_body, expected_en_html_body,
expected_en_html_body_without_security,
expected_en_text_body, expected_en_text_body,
expected_en_text_body_without_security,
expected_fr_html_body, expected_fr_html_body,
expected_fr_html_body_without_security,
expected_fr_text_body, expected_fr_text_body,
expected_fr_text_body_without_security,
) )
@ -72,3 +76,64 @@ class TestEmailTemplateForPasswordChange:
) )
assert expected_fr_html_body in text_body assert expected_fr_html_body in text_body
class TestEmailTemplateForPasswordChangeWithSecurityInfos:
EMAIL_DATA = {
'username': 'test',
'fittrackee_url': 'http://localhost',
}
@pytest.mark.parametrize(
'lang, expected_subject',
[
('en', 'FitTrackee - Password changed'),
('fr', 'FitTrackee - Mot de passe modifié'),
],
)
def test_it_gets_subject(
self, app: Flask, lang: str, expected_subject: str
) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
subject = email_template.get_content(
'password_change', lang, 'subject.txt', {}
)
assert subject == expected_subject
@pytest.mark.parametrize(
'lang, expected_text_body',
[
('en', expected_en_text_body_without_security),
('fr', expected_fr_text_body_without_security),
],
)
def test_it_gets_text_body(
self, app: Flask, lang: str, expected_text_body: str
) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
text_body = email_template.get_content(
'password_change', lang, 'body.txt', self.EMAIL_DATA
)
assert text_body == expected_text_body
def test_it_gets_en_html_body(self, app: Flask) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
text_body = email_template.get_content(
'password_change', 'en', 'body.html', self.EMAIL_DATA
)
assert expected_en_html_body_without_security in text_body
def test_it_gets_fr_html_body(self, app: Flask) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
text_body = email_template.get_content(
'password_change', 'fr', 'body.html', self.EMAIL_DATA
)
assert expected_fr_html_body_without_security in text_body
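Review bot: The new class is named `TestEmailTemplateForPasswordChangeWithSecurityInfos`, but its `EMAIL_DATA` contains neither `operating_system` nor `browser_name` and every body assertion uses an `*_without_security` fixture, so it covers the case without security infos. Rename it to `TestEmailTemplateForPasswordChangeWithoutSecurityInfos`, matching the class added for the password reset request templates. A parametrized case that supplies only one of the two keys would also pin down the behaviour of the `and` condition in the templates.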

@ -5,9 +5,13 @@ from fittrackee.emails.email import EmailTemplate
from .template_results.password_reset_request import ( from .template_results.password_reset_request import (
expected_en_html_body, expected_en_html_body,
expected_en_html_body_without_security,
expected_en_text_body, expected_en_text_body,
expected_en_text_body_without_security,
expected_fr_html_body, expected_fr_html_body,
expected_fr_html_body_without_security,
expected_fr_text_body, expected_fr_text_body,
expected_fr_text_body_without_security,
) )
@ -86,3 +90,77 @@ class TestEmailTemplateForPasswordRequest:
) )
assert expected_fr_html_body in text_body assert expected_fr_html_body in text_body
class TestEmailTemplateForPasswordRequestWithoutSecurityInfos:
@pytest.mark.parametrize(
'lang, expected_subject',
[
('en', 'FitTrackee - Password reset request'),
('fr', 'FitTrackee - Réinitialiser votre mot de passe'),
],
)
def test_it_gets_subject(
self, app: Flask, lang: str, expected_subject: str
) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
subject = email_template.get_content(
'password_reset_request', lang, 'subject.txt', {}
)
assert subject == expected_subject
@pytest.mark.parametrize(
'lang, expected_text_body',
[
('en', expected_en_text_body_without_security),
('fr', expected_fr_text_body_without_security),
],
)
def test_it_gets_text_body(
self, app: Flask, lang: str, expected_text_body: str
) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
email_data = {
'expiration_delay': '3 seconds' if lang == 'en' else '3 secondes',
'username': 'test',
'password_reset_url': 'http://localhost/password-reset?token=xxx',
'fittrackee_url': 'http://localhost',
}
text_body = email_template.get_content(
'password_reset_request', lang, 'body.txt', email_data
)
assert text_body == expected_text_body
def test_it_gets_en_html_body(self, app: Flask) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
email_data = {
'expiration_delay': '3 seconds',
'username': 'test',
'password_reset_url': 'http://localhost/password-reset?token=xxx',
'fittrackee_url': 'http://localhost',
}
text_body = email_template.get_content(
'password_reset_request', 'en', 'body.html', email_data
)
assert expected_en_html_body_without_security in text_body
def test_it_gets_fr_html_body(self, app: Flask) -> None:
email_template = EmailTemplate(app.config['TEMPLATES_FOLDER'])
email_data = {
'expiration_delay': '3 secondes',
'username': 'test',
'password_reset_url': 'http://localhost/password-reset?token=xxx',
'fittrackee_url': 'http://localhost',
}
text_body = email_template.get_content(
'password_reset_request', 'fr', 'body.html', email_data
)
assert expected_fr_html_body_without_security in text_body
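Review bot: The `email_data` dict is rebuilt in `test_it_gets_text_body`, `test_it_gets_en_html_body` and `test_it_gets_fr_html_body` with only `expiration_delay` varying; a class-level base dict, as done with `EMAIL_DATA` in the password change tests, plus a per-test `expiration_delay` would remove the repetition. `test_it_gets_subject` passes `{}` as data, so it does not exercise the new conditional and can be dropped from this class unless the subject template is expected to depend on the security values.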