예제 #1
0
def post_for_password_token(body: ResetPasswordBodyModel) -> None:
    check_recaptcha_token_is_valid(
        body.token, "resetPassword",
        settings.RECAPTCHA_RESET_PASSWORD_MINIMAL_SCORE)
    user = find_user_by_email(body.email)

    if not user or not user.isActive:
        # Here we also return a 204 to prevent attacker from discovering which email exists in db
        return

    generate_reset_token(user)
    repository.save(user)

    is_not_pro_user = user.isBeneficiary

    if is_not_pro_user:
        try:
            send_reset_password_email_to_user(user, send_raw_email)
        except MailServiceException as mail_service_exception:
            app.logger.exception(
                "[send_reset_password_email_to_user] "
                "Mail service failure", mail_service_exception)
    else:
        try:
            send_reset_password_email_to_pro(user, send_raw_email)
        except MailServiceException as mail_service_exception:
            app.logger.exception(
                "[send_reset_password_email_to_pro] "
                "Mail service failure", mail_service_exception)
예제 #2
0
    def test_should_raise_when_score_is_too_low(self, recaptcha_response):
        # Given
        token = generate_fake_token()
        recaptcha_response.return_value = {"success": True, "score": 0.2}

        # When
        with pytest.raises(InvalidRecaptchaTokenException):
            check_recaptcha_token_is_valid(token, ORIGINAL_ACTION, 0.5)
예제 #3
0
def verify_id_check_licence_token(
    body: serialization_beneficiaries.VerifyIdCheckLicenceRequest,
) -> serialization_beneficiaries.VerifyIdCheckLicenceResponse:
    if users_repo.get_id_check_token(body.token):
        return serialization_beneficiaries.VerifyIdCheckLicenceResponse()

    # Let's try with the legacy webapp tokens
    check_recaptcha_token_is_valid(body.token, "submit",
                                   settings.RECAPTCHA_LICENCE_MINIMAL_SCORE)

    return serialization_beneficiaries.VerifyIdCheckLicenceResponse()
예제 #4
0
    def test_should_raise_exception_for_any_other_error_code(
            self, recaptcha_response, error_code):
        # Given
        token = generate_fake_token()
        recaptcha_response.return_value = {
            "success": False,
            "error-codes": [error_code],
        }

        # When
        with pytest.raises(ReCaptchaException):
            check_recaptcha_token_is_valid(token, ORIGINAL_ACTION, 0.5)
예제 #5
0
    def test_should_raise_when_token_is_too_old_or_already_used(
            self, recaptcha_response):
        # Given
        token = generate_fake_token()
        recaptcha_response.return_value = {
            "success": False,
            "error-codes": ["timeout-or-duplicate"],
        }

        # When
        with pytest.raises(InvalidRecaptchaTokenException):
            check_recaptcha_token_is_valid(token, ORIGINAL_ACTION, 0.5)
예제 #6
0
    def test_should_raise_exception_with_details(self, recaptcha_response):
        # Given
        token = generate_fake_token()
        recaptcha_response.return_value = {
            "success": False,
            "error-codes": ["first-error", "second-error"],
        }

        # When
        with pytest.raises(ReCaptchaException) as exception:
            check_recaptcha_token_is_valid(token, ORIGINAL_ACTION, 0.5)

        assert str(
            exception.value
        ) == "Encountered the following error(s): ['first-error', 'second-error']"
예제 #7
0
def create_account(body: serializers.AccountRequest) -> None:
    if settings.NATIVE_ACCOUNT_CREATION_REQUIRES_RECAPTCHA:
        try:
            check_recaptcha_token_is_valid(body.token, "submit", settings.RECAPTCHA_RESET_PASSWORD_MINIMAL_SCORE)
        except ReCaptchaException:
            raise ApiErrors({"token": "The given token is not invalid"})
    try:
        api.create_account(
            email=body.email,
            password=body.password,
            birthdate=body.birthdate,
            has_allowed_recommendations=body.has_allowed_recommendations,
            is_email_validated=False,
        )
    except UserAlreadyExistsException:
        user = find_user_by_email(body.email)
        api.request_password_reset(user)
예제 #8
0
    def test_should_raise_when_action_is_not_matching_the_original_action(
            self, recaptcha_response):
        # Given
        token = generate_fake_token()
        recaptcha_response.return_value = {
            "success": True,
            "score": 0.9,
            "action": "fake-action"
        }

        # When
        with pytest.raises(ReCaptchaException) as exception:
            check_recaptcha_token_is_valid(token, ORIGINAL_ACTION, 0.5)

        # Then
        assert str(
            exception.value
        ) == "The action 'fake-action' does not match 'submit' from the form"