112 |
112 |
|
113 |
113 |
assert User.objects.count() == 0
|
114 |
114 |
assert Event.objects.which_references(service).count() == 0
|
|
115 |
assert models.FcEmailVerificationToken.objects.count() == 0
|
115 |
116 |
response = franceconnect.handle_authorization(app, response.location, status=302)
|
116 |
117 |
assert 'fc-state' not in app.cookies
|
117 |
118 |
assert User.objects.count() == 1
|
... | ... | |
125 |
126 |
# check registration email
|
126 |
127 |
assert len(mailoutbox) == 1
|
127 |
128 |
assert mailoutbox[0].subject == 'Account creation using FranceConnect'
|
|
129 |
assert models.FcEmailVerificationToken.objects.count() == 1
|
|
130 |
token = models.FcEmailVerificationToken.objects.get()
|
|
131 |
assert len(str(token.value)) == 36
|
128 |
132 |
for body in (mailoutbox[0].body, mailoutbox[0].alternatives[0][0]):
|
129 |
133 |
assert 'Hi Ÿuñe Frédérique,' in body
|
130 |
134 |
assert 'You have just created an account using FranceConnect.' in body
|
131 |
135 |
assert 'You can complete your account validation' in body
|
|
136 |
assert f'https://testserver/fc/verify/{token.value}/' in body
|
132 |
137 |
|
133 |
138 |
assert user.verified_attributes.first_name == 'Ÿuñe'
|
134 |
139 |
assert user.verified_attributes.last_name == 'Frédérique'
|
... | ... | |
140 |
145 |
assert last_name_value.last_verified_on
|
141 |
146 |
assert first_name_value.verification_sources == ['fc']
|
142 |
147 |
assert last_name_value.verification_sources == ['fc']
|
|
148 |
|
|
149 |
assert not user.email_verified
|
|
150 |
resp = app.get(f'https://testserver/fc/verify/{token.value}/').follow()
|
|
151 |
assert resp.pyquery('li.info').text() == 'Your account is now verified.'
|
|
152 |
user.refresh_from_db()
|
|
153 |
assert user.email_verified
|
|
154 |
|
143 |
155 |
assert path(response.location) == '/idp/'
|
144 |
156 |
assert hooks.event[1]['kwargs']['name'] == 'login'
|
145 |
157 |
assert hooks.event[1]['kwargs']['service'] == service
|
... | ... | |
170 |
182 |
assert 'Your account link to FranceConnect has been deleted' in response
|
171 |
183 |
|
172 |
184 |
|
|
185 |
def test_email_verification_anonymous_user(app, simple_user):
|
|
186 |
token = models.FcEmailVerificationToken.create(user=simple_user)
|
|
187 |
token.sent = True
|
|
188 |
token.save()
|
|
189 |
|
|
190 |
resp = app.get(f'https://testserver/fc/verify/{token.value}/')
|
|
191 |
assert resp.location == f'/login/?next=/fc/verify/{token.value}/'
|
|
192 |
simple_user.refresh_from_db()
|
|
193 |
assert not simple_user.email_verified
|
|
194 |
|
|
195 |
resp = resp.follow()
|
|
196 |
resp.form.set('username', simple_user.username)
|
|
197 |
resp.form.set('password', simple_user.username)
|
|
198 |
resp = resp.form.submit(name='login-password-submit')
|
|
199 |
assert resp.location == f'/fc/verify/{token.value}/'
|
|
200 |
resp = resp.follow()
|
|
201 |
assert resp.location == '/accounts/'
|
|
202 |
resp = resp.follow()
|
|
203 |
assert resp.pyquery('li.info').text() == 'Your account is now verified.'
|
|
204 |
simple_user.refresh_from_db()
|
|
205 |
assert simple_user.email_verified
|
|
206 |
|
|
207 |
|
|
208 |
def test_email_verification_wrong_link(settings, app, franceconnect, hooks, service):
|
|
209 |
set_service(app, service)
|
|
210 |
response = app.get('/login/?next=/idp/')
|
|
211 |
response = response.click(href='callback')
|
|
212 |
franceconnect.handle_authorization(app, response.location, status=302)
|
|
213 |
user = User.objects.get()
|
|
214 |
|
|
215 |
# user is logged yet clicks on a wrong link
|
|
216 |
resp = app.get('https://testserver/fc/verify/01234567-aaaa-bbbb-cccc-abcdabdcabdc/').follow()
|
|
217 |
assert resp.pyquery('li.error').text() == 'Invalid account verification request.'
|
|
218 |
user.refresh_from_db()
|
|
219 |
assert not user.email_verified
|
|
220 |
|
|
221 |
|
|
222 |
def test_email_verification_expired(settings, app, franceconnect, hooks, service, freezer):
|
|
223 |
set_service(app, service)
|
|
224 |
response = app.get('/login/?next=/idp/')
|
|
225 |
response = response.click(href='callback')
|
|
226 |
response = franceconnect.handle_authorization(app, response.location, status=302)
|
|
227 |
user = User.objects.get()
|
|
228 |
token = models.FcEmailVerificationToken.objects.get()
|
|
229 |
assert not user.email_verified
|
|
230 |
|
|
231 |
freezer.move_to(datetime.timedelta(hours=50)) # too late by two hours
|
|
232 |
resp = app.get(f'https://testserver/fc/verify/{token.value}/').follow()
|
|
233 |
assert not resp.pyquery('li.info')
|
|
234 |
assert resp.pyquery('li.error').text() == 'Your account verification request has expired.'
|
|
235 |
user.refresh_from_db()
|
|
236 |
assert not user.email_verified
|
|
237 |
|
|
238 |
|
|
239 |
def test_email_verification_wrong_user(settings, app, franceconnect, user_ou1, hooks, service, mailoutbox):
|
|
240 |
set_service(app, service)
|
|
241 |
response = app.get('/login/?next=/idp/')
|
|
242 |
response = response.click(href='callback')
|
|
243 |
response = franceconnect.handle_authorization(app, response.location, status=302)
|
|
244 |
user = User.objects.get(ou=get_default_ou())
|
|
245 |
token = models.FcEmailVerificationToken.objects.get()
|
|
246 |
token.user = user_ou1
|
|
247 |
token.save()
|
|
248 |
|
|
249 |
assert not user.email_verified
|
|
250 |
resp = app.get(f'https://testserver/fc/verify/{token.value}/').follow()
|
|
251 |
assert not resp.pyquery('li.info')
|
|
252 |
assert resp.pyquery('li.error').text() == 'Invalid account verification request.'
|
|
253 |
user.refresh_from_db()
|
|
254 |
assert not user.email_verified
|
|
255 |
|
|
256 |
|
173 |
257 |
def test_create_no_unicode_collision(settings, app, franceconnect, hooks, service):
|
174 |
258 |
settings.A2_EMAIL_IS_UNIQUE = True
|
175 |
259 |
set_service(app, service)
|
176 |
|
-
|