Confirmation instruction on reset/forgot #462

Daniel Grams 2023-05-04 14:01:37 +02:00
parent be86363dc4
commit 9d079d96a8
3 changed files with 45 additions and 1 deletions


@ -209,7 +209,11 @@ from project.jsonld import CustomJsonProvider
app.json_provider_class = CustomJsonProvider app.json_provider_class = CustomJsonProvider
from project.forms.security import ExtendedConfirmRegisterForm, ExtendedLoginForm from project.forms.security import (
ExtendedConfirmRegisterForm,
ExtendedForgotPasswordForm,
ExtendedLoginForm,
)
# Setup Flask-Security # Setup Flask-Security
from project.models import Role, User from project.models import Role, User
@ -220,6 +224,7 @@ security = Security(
user_datastore, user_datastore,
confirm_register_form=ExtendedConfirmRegisterForm, confirm_register_form=ExtendedConfirmRegisterForm,
login_form=ExtendedLoginForm, login_form=ExtendedLoginForm,
forgot_password_form=ExtendedForgotPasswordForm,
) )
app.session_interface = CustomSessionInterface() app.session_interface = CustomSessionInterface()


@ -3,6 +3,7 @@ from flask_security import url_for_security
from flask_security.forms import ( from flask_security.forms import (
ConfirmRegisterForm, ConfirmRegisterForm,
EqualTo, EqualTo,
ForgotPasswordForm,
LoginForm, LoginForm,
get_form_field_label, get_form_field_label,
) )
@ -53,6 +54,21 @@ class ExtendedLoginForm(LoginForm):
return result return result
class ExtendedForgotPasswordForm(ForgotPasswordForm):
def validate(self, **kwargs):
result = super().validate(**kwargs)
if not result and self.requires_confirmation:
flash_message(
gettext("login_confirmation_required"),
url_for_security("send_confirmation"),
localize_callback("Resend confirmation instructions"),
"danger",
)
return result
class AuthorizeForm(FlaskForm): class AuthorizeForm(FlaskForm):
allow = SubmitField(lazy_gettext("Allow")) allow = SubmitField(lazy_gettext("Allow"))
deny = SubmitField(lazy_gettext("Deny")) deny = SubmitField(lazy_gettext("Deny"))
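Review bot: The flash added in `ExtendedForgotPasswordForm.validate` tells whoever submits the unauthenticated reset form that the address belongs to an account still awaiting confirmation, which makes that account state easier to distinguish from other failures. If the deployment is meant to hide account existence (for instance through Flask-Security's `SECURITY_RETURN_GENERIC_RESPONSES`), the branch should be gated on that setting or use a neutral message. Otherwise a docstring recording that the disclosure is accepted would help, e.g. `"""Flash a resend-confirmation link when the reset fails because the e-mail is unconfirmed."""`. The body appears to mirror the flash in `ExtendedLoginForm.validate`, whose code lies outside this hunk, so a shared helper may be worth considering.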


@ -114,6 +114,29 @@ def test_login_flash(client, seeder, utils):
) )
def test_forgot_reset_flash(client, seeder, utils):
email = "test@test.de"
password = "MeinPasswortIstDasBeste"
seeder.create_user(email, password, confirm=False)
response = client.get("/login")
assert response.status_code == 200
with client:
response = client.post(
"/reset",
data={
"email": email,
"csrf_token": utils.get_csrf(response),
"submit": "Passwort wiederherstellen",
},
)
utils.assert_response_error_message(
response, "Beachte, dass du deine E-Mail-Adresse bestätigen muss."
)
@pytest.mark.parametrize("db_error", [True, False]) @pytest.mark.parametrize("db_error", [True, False])
@pytest.mark.parametrize("non_match", [True, False]) @pytest.mark.parametrize("non_match", [True, False])
def test_user_request_deletion( def test_user_request_deletion(
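Review bot: `test_forgot_reset_flash` covers only the unconfirmed account; nothing asserts that a confirmed user or an unknown address posting to `/reset` does not receive the confirmation flash. A negative case would pin down which responses disclose account state, for example a second post with an unseeded address followed by a check that the message is absent. The GET to `/login` appears to serve only to obtain a CSRF token, which deserves a comment such as `# any rendered form supplies a CSRF token usable for /reset`.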