Merge pull request #118 from DanielGrams/issue/117-registration

Confirm user registration #117
2026-03-13 00:07:22 +00:00 · 2021-02-14 16:16:00 +01:00 · 2021-02-14 16:16:00 +01:00 · 37ddb2058d
commit 37ddb2058d
parent c3c0e472e7 f8c544ae15
5 changed files with 19 additions and 9 deletions
--- a/project/init.py
+++ b/project/init.py
@ -18,10 +18,10 @@ from project.custom_session_interface import CustomSessionInterface
 app = Flask(__name__)
 app.config["SQLALCHEMY_DATABASE_URI"] = os.environ["DATABASE_URL"]
 app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
-app.config["SECURITY_CONFIRMABLE"] = False
+app.config["SECURITY_CONFIRMABLE"] = True
 app.config["SECURITY_TRACKABLE"] = True
 app.config["SECURITY_REGISTERABLE"] = True
-app.config["SECURITY_SEND_REGISTER_EMAIL"] = False
+app.config["SECURITY_SEND_REGISTER_EMAIL"] = True
 app.config["SECURITY_RECOVERABLE"] = True
 app.config["SECURITY_CHANGEABLE"] = True
 app.config["SECURITY_EMAIL_SENDER"] = os.getenv("MAIL_DEFAULT_SENDER")
@ -104,13 +104,15 @@ from project.jsonld import DateTimeEncoder

 app.json_encoder = DateTimeEncoder

-from project.forms.security import ExtendedRegisterForm
+from project.forms.security import ExtendedConfirmRegisterForm

 # Setup Flask-Security
 from project.models import Role, User

 user_datastore = SQLAlchemySessionUserDatastore(db.session, User, Role)
-security = Security(app, user_datastore, register_form=ExtendedRegisterForm)
+security = Security(
+    app, user_datastore, confirm_register_form=ExtendedConfirmRegisterForm
+)
 app.session_interface = CustomSessionInterface()

 # OAuth2
--- a/project/forms/security.py
+++ b/project/forms/security.py
@ -1,5 +1,5 @@
 from flask_babelex import lazy_gettext
-from flask_security.forms import EqualTo, RegisterForm, get_form_field_label
+from flask_security.forms import ConfirmRegisterForm, EqualTo, get_form_field_label
 from flask_wtf import FlaskForm
 from wtforms import BooleanField, PasswordField, SubmitField
 from wtforms.validators import DataRequired
@ -7,7 +7,7 @@ from wtforms.validators import DataRequired
 from project.forms.common import get_accept_tos_markup


-class ExtendedRegisterForm(RegisterForm):
+class ExtendedConfirmRegisterForm(ConfirmRegisterForm):
    password = PasswordField(
        get_form_field_label("password"), validators=[DataRequired()]
    )
@ -21,7 +21,7 @@ class ExtendedRegisterForm(RegisterForm):
    accept_tos = BooleanField(validators=[DataRequired()])

    def __init__(self, *args, **kwargs):
-        super(ExtendedRegisterForm, self).__init__(*args, **kwargs)
+        super(ExtendedConfirmRegisterForm, self).__init__(*args, **kwargs)
        self._fields["accept_tos"].label.text = get_accept_tos_markup()


--- a/tests/seeder.py
+++ b/tests/seeder.py
@ -21,6 +21,8 @@ class Seeder(object):
    def create_user(
        self, email="test@test.de", password="MeinPasswortIstDasBeste", admin=False
    ):
+        from flask_security.confirmable import confirm_user
+
        from project.services.user import (
            add_admin_roles_to_user,
            create_user,
@ -32,6 +34,7 @@ class Seeder(object):

            if user is None:
                user = create_user(email, password)
+                confirm_user(user)

            if admin:
                add_admin_roles_to_user(email)
--- a/tests/utils.py
+++ b/tests/utils.py
@ -33,7 +33,7 @@ class UtilActions(object):
                follow_redirects=True,
            )
            assert response.status_code == 200
-            assert g.identity.user.email == email
+            self.assert_response_success_message(response)

    def login(self, email="test@test.de", password="MeinPasswortIstDasBeste"):
        from project.services.user import find_user_by_email
@ -210,6 +210,10 @@ class UtilActions(object):
        assert response.status_code == 200
        assert error_message in response.data

+    def assert_response_success_message(self, response, error_message=b"alert-success"):
+        assert response.status_code == 200
+        assert error_message in response.data
+
    def assert_response_permission_missing(self, response, endpoint, **values):
        self.assert_response_redirect(response, endpoint, **values)

--- a/tests/views/test_admin_unit.py
+++ b/tests/views/test_admin_unit.py
@ -12,7 +12,8 @@ def create_form_data(response, utils):


 def test_create(client, app, utils, seeder):
-    utils.register()
+    seeder.create_user()
+    utils.login()
    response = client.get("/admin_unit/create")
    assert response.status_code == 200