forked from openwisp/openwisp-radius
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[change!] Allowed username and phone_number in password reset API
**Backward incompatible change**: The password reset API endpoint now accepts "input" parameter instead of "email".
- Loading branch information
Showing
4 changed files
with
56 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -668,9 +668,13 @@ def test_api_password_change(self): | |
self.assertEqual(response.status_code, 401) | ||
|
||
@capture_any_output() | ||
@mock.patch('openwisp_users.settings.AUTH_BACKEND_AUTO_PREFIXES', ['+33']) | ||
def test_api_password_reset(self): | ||
test_user = User.objects.create_user( | ||
username='test_name', password='test_password', email='[email protected]' | ||
username='test_name', | ||
password='test_password', | ||
email='[email protected]', | ||
phone_number='+33675579231', | ||
) | ||
self._create_org_user(organization=self.default_org, user=test_user) | ||
mail_count = len(mail.outbox) | ||
|
@@ -692,20 +696,20 @@ def test_api_password_reset(self): | |
self.assertEqual(response.status_code, 400) | ||
|
||
# email does not exist in database | ||
reset_payload = {'email': '[email protected]'} | ||
reset_payload = {'input': '[email protected]'} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(response.status_code, 404) | ||
|
||
# email not registered with org | ||
User.objects.create_user( | ||
username='test_name1', password='test_password', email='[email protected]' | ||
) | ||
reset_payload = {'email': '[email protected]'} | ||
reset_payload = {'input': '[email protected]'} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(response.status_code, 400) | ||
|
||
# valid payload | ||
reset_payload = {'email': '[email protected]'} | ||
reset_payload = {'input': '[email protected]'} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(len(mail.outbox), mail_count + 1) | ||
email = mail.outbox.pop() | ||
|
@@ -780,6 +784,29 @@ def test_api_password_reset(self): | |
login_response = self.client.post(login_url, data=login_payload) | ||
self.assertEqual(login_response.status_code, 200) | ||
|
||
with self.subTest('Test reset password with username'): | ||
reset_payload = {'input': test_user.username} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(response.status_code, 200) | ||
self.assertEqual(len(mail.outbox), mail_count + 1) | ||
mail.outbox.pop() | ||
|
||
with self.subTest('Test reset password with phone_number'): | ||
reset_payload = {'input': test_user.phone_number} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(response.status_code, 200) | ||
self.assertEqual(len(mail.outbox), mail_count + 1) | ||
mail.outbox.pop() | ||
|
||
with self.subTest( | ||
'Test reset password with phone_number without country prefix' | ||
): | ||
reset_payload = {'input': test_user.phone_number.national_number} | ||
response = self.client.post(password_reset_url, data=reset_payload) | ||
self.assertEqual(response.status_code, 200) | ||
self.assertEqual(len(mail.outbox), mail_count + 1) | ||
mail.outbox.pop() | ||
|
||
def test_api_password_reset_405(self): | ||
password_reset_url = reverse( | ||
'radius:rest_password_reset', args=[self.default_org.slug] | ||
|
@@ -873,7 +900,7 @@ def _test_user_reset_password_helper(self, is_active, mocked_send): | |
org = self._get_org() | ||
self._create_org_user(user=user, organization=org) | ||
path = reverse('radius:rest_password_reset', args=[org.slug]) | ||
r = self.client.post(path, {'email': user.email}) | ||
r = self.client.post(path, {'input': user.email}) | ||
self.assertEqual(r.status_code, 200) | ||
self.assertEqual(r.data['detail'], 'Password reset e-mail has been sent.') | ||
mocked_send.assert_called_once() | ||
|