def verify_email(token):
email = Email.get_email_by_token(token)
if email:
email.verify()
flash('Your email is now verified!')
else:
flash('Something went wrong. Please try again.')
return redirect(url_for('auth.login'))
def test_an_email_can_generate_verification_token(app, session):
"""An email can generate a verification token."""
# Given an email (on a user) and that email's verification token
user = create_user(session, email='*****@*****.**')
email_verification_token = user.email.verification_token
# When the token is used to retrieve the email
email_to_verify = Email.get_email_by_token(email_verification_token)
# Then it returns the email to verify
assert email_to_verify == '*****@*****.**'
# When the token is decoded
from jwt import decode as jwt_decode
decoded_token = jwt_decode(email_verification_token,
app.config['SECRET_KEY'],
algorithms=['HS256'])
# Then the email and user id should be accessible.
assert decoded_token['email'] == '*****@*****.**'
assert decoded_token['user_id'] == user.id