def test_validation_validates_user(self):
# On user activation the 'validated' field is set to True.
uuid_string = "20e81ab7-51c0-444f-b204-f1c4cfe1aa7a"
with mock.patch("uuid.uuid4", return_value=uuid.UUID(uuid_string)):
self.app.post_json(
"/accounts",
{
"data": {
"id": "*****@*****.**",
"password": "******",
"email-context": {"name": "Alice", "homepage": "https://example.com"},
}
},
status=201,
)
resp = self.app.post_json(
"/accounts/[email protected]/validate/" + uuid_string, {}, status=200
)
assert "validated" in resp.json
assert resp.json["validated"]
# An active user can authenticate.
resp = self.app.get("/", headers=get_user_headers("*****@*****.**", "12éé6"))
assert resp.json["user"]["id"] == "account:[email protected]"
# Once activated, the activation key is removed from the cache.
assert get_cached_validation_key("*****@*****.**", self.app.app.registry) is None
assert len(self.mailer.outbox) == 2 # Validation email, reset password email.
mail = self.mailer.outbox[1] # Get the confirmation email.
assert mail.sender == "*****@*****.**"
assert mail.subject == "Alice, your account [email protected] is now active"
assert mail.recipients == ["*****@*****.**"]
assert (
mail.body
== "Your account [email protected] has been successfully activated. Connect to https://example.com"
)
def test_create_account_stores_activated_field(self):
uuid_string = "20e81ab7-51c0-444f-b204-f1c4cfe1aa7a"
with mock.patch("uuid.uuid4", return_value=uuid.UUID(uuid_string)):
resp = self.app.post_json(
"/accounts",
{
"data": {
"id": "*****@*****.**",
"password": "******",
"email-context": {
"name": "Alice",
"activation-form-url": "https://example.com",
},
}
},
status=201,
)
assert "activation-key" not in resp.json["data"]
assert "validated" in resp.json["data"]
assert not resp.json["data"]["validated"]
assert len(self.mailer.outbox) == 1
mail = self.mailer.outbox[0] # Get the validation email.
assert mail.sender == "*****@*****.**"
assert mail.subject == "Alice, activate your account [email protected]"
assert mail.recipients == ["*****@*****.**"]
# The {{bad-key}} from the template will be rendered as {bad-key} in
# the final email, instead of failing the formatting.
assert mail.body == f"https://example.com/[email protected]/{uuid_string} {{bad-key}}"
# The activation key is stored in the cache.
assert get_cached_validation_key("*****@*****.**",
self.app.app.registry) == uuid_string
def test_validation_fail_bad_activation_key(self):
uuid_string = "20e81ab7-51c0-444f-b204-f1c4cfe1aa7a"
with mock.patch("uuid.uuid4", return_value=uuid.UUID(uuid_string)):
self.app.post_json(
"/accounts", {"data": {"id": "*****@*****.**", "password": "******"}}, status=201
)
# Validate the user.
resp = self.app.post_json(
"/accounts/[email protected]/validate/bad-activation-key", {}, status=403
)
assert "Account ID and activation key do not match" in resp.json["message"]
# The activation key is still in the cache
assert get_cached_validation_key("*****@*****.**", self.app.app.registry) is not None