def test_client_activates_if_pending(mocker, api_user_pending):
mock_post = mocker.patch('app.notify_client.user_api_client.UserApiClient.post')
user_api_client.max_failed_login_count = 1 # doesn't matter for this test
user_api_client.activate_user(api_user_pending)
mock_post.assert_called_once_with('/user/{}/activate'.format(api_user_pending.id), data=None)
def test_client_doesnt_activate_if_already_active(mocker, api_user_active):
mock_post = mocker.patch(
'app.notify_client.user_api_client.UserApiClient.post')
user_api_client.activate_user(api_user_active)
assert not mock_post.called
def log_in_user(user_id):
user = user_api_client.get_user(user_id)
if should_reverify_email(user.email_last_verified_at, user.created_at,
user.auth_type):
user_api_client.send_reverify_email(user.id, user.email_address)
return redirect(url_for('main.reverify_email'))
if should_rotate_password(user.password_changed_at):
return redirect(url_for('main.rotate_password'))
try:
# the user will have a new current_session_id set by the API
# store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
# check if password needs to be updated
if 'password' in session.get('user_details', {}):
user = user_api_client.update_password(
user.id, password=session['user_details']['password'])
flash('Your password has been updated', 'default_with_tick')
# check if email last verified date needs to be updated
if 'set_last_verified_at' in session.get('user_details', {}):
user_api_client.set_email_last_verified_at(user_id)
flash('Thanks for verifying your email address',
'default_with_tick')
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
finally:
# get rid of anything in the session that we don't expect to have been set during register/sign in flow
session.pop('user_details', None)
session.pop('file_uploads', None)
return redirect_when_logged_in(user_id)
def activate_user(user_id):
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
return redirect(url_for('main.add_service', first='first'))
def two_factor():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, "sms")
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
services = service_api_client.get_active_services({'user_id': str(user_id)}).get('data', [])
# Check if coming from new password page
if 'password' in session['user_details']:
user.set_password(session['user_details']['password'])
user.reset_failed_login_count()
user_api_client.update_user(user)
activated_user = user_api_client.activate_user(user)
login_user(activated_user, remember=True)
finally:
del session['user_details']
next_url = request.args.get('next')
if next_url and _is_safe_redirect_url(next_url):
return redirect(next_url)
if current_user.platform_admin:
return redirect(url_for('main.platform_admin'))
if len(services) == 1:
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
return render_template('views/two-factor.html', form=form)
def activate_user(user_id):
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
organisation_id = session.get('organisation_id', None)
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
if organisation_id:
return redirect(url_for('main.organisation_dashboard', org_id=organisation_id))
else:
return redirect(url_for('main.add_service', first='first'))
def log_in_user(user_id):
try:
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
# Check if coming from new password page
if 'password' in session.get('user_details', {}):
user = user_api_client.update_password(
user.id, password=session['user_details']['password'])
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
finally:
session.pop("user_details", None)
return redirect_when_logged_in(user_id)
def log_in_user(user_id):
try:
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
# Check if coming from new password page
if 'password' in session.get('user_details', {}):
user = user_api_client.update_password(
user.id, password=session['user_details']['password'])
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
finally:
# get rid of anything in the session that we don't expect to have been set during register/sign in flow
session.pop("user_details", None)
session.pop("file_uploads", None)
return redirect_when_logged_in(user_id)
def verify():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, 'sms')
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
return redirect(url_for('main.add_service', first='first'))
finally:
session.pop('user_details', None)
return render_template('views/two-factor.html', form=form)
def verify():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, 'sms')
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
return redirect(url_for('main.add_service', first='first'))
finally:
session.pop('user_details', None)
return render_template('views/two-factor.html', form=form)
def two_factor():
user_id = session['user_details']['id']
def _check_code(code):
return user_api_client.check_verify_code(user_id, code, "sms")
form = TwoFactorForm(_check_code)
if form.validate_on_submit():
try:
user = user_api_client.get_user(user_id)
services = service_api_client.get_services({
'user_id': str(user_id)
}).get('data', [])
# Check if coming from new password page
if 'password' in session['user_details']:
user.set_password(session['user_details']['password'])
user.reset_failed_login_count()
user_api_client.update_user(user)
activated_user = user_api_client.activate_user(user)
login_user(activated_user, remember=True)
finally:
del session['user_details']
next_url = request.args.get('next')
if next_url and _is_safe_redirect_url(next_url):
return redirect(next_url)
if current_user.platform_admin:
return redirect(url_for('main.show_all_services'))
if len(services) == 1:
return redirect(
url_for('main.service_dashboard',
service_id=services[0]['id']))
else:
return redirect(url_for('main.choose_service'))
return render_template('views/two-factor.html', form=form)
def activate_user(user_id):
user = user_api_client.get_user(user_id)
# the user will have a new current_session_id set by the API - store it in the cookie for future requests
session['current_session_id'] = user.current_session_id
organisation_id = session.get('organisation_id')
activated_user = user_api_client.activate_user(user)
login_user(activated_user)
invited_user = session.get('invited_user')
if invited_user:
service_id = _add_invited_user_to_service(invited_user)
return redirect(
url_for('main.service_dashboard', service_id=service_id))
invited_org_user = session.get('invited_org_user')
if invited_org_user:
user_api_client.add_user_to_organisation(
invited_org_user['organisation'], session['user_details']['id'])
if organisation_id:
return redirect(
url_for('main.organisation_dashboard', org_id=organisation_id))
else:
return redirect(url_for('main.add_service', first='first'))
