From 7aa4b42d3e1ec9fa212d394a48015e797bc3c613 Mon Sep 17 00:00:00 2001 From: Andrew Buss Date: Tue, 5 May 2015 01:02:14 -0700 Subject: [PATCH] Fixed registration again? --- flashcards/tests/test_api.py | 33 +++++++++++++++++++++++++++------ flashcards/views.py | 11 ++++++++--- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/flashcards/tests/test_api.py b/flashcards/tests/test_api.py index 6c59007..59bd167 100644 --- a/flashcards/tests/test_api.py +++ b/flashcards/tests/test_api.py @@ -35,25 +35,46 @@ class LoginTests(APITestCase): class RegistrationTest(APITestCase): def test_create_account(self): url = '/api/users/me' + + # missing password + data = {'email': 'none@none.com'} + response = self.client.post(url, data, format='json') + self.assertContains(response, 'password', status_code=400) + + # missing email + data = {'password': '1234'} + response = self.client.post(url, data, format='json') + self.assertContains(response, 'email', status_code=400) + + # create a user data = {'email': 'none@none.com', 'password': '1234'} response = self.client.post(url, data, format='json') self.assertEqual(response.status_code, HTTP_201_CREATED) + # user should not be confirmed user = User.objects.get(email="none@none.com") + self.assertFalse(user.is_confirmed) + + # check that the confirmation key was sent self.assertEqual(len(mail.outbox), 1) self.assertIn(user.confirmation_key, mail.outbox[0].body) + # log the user out + response = self.client.post('/api/logout', format='json') + self.assertEqual(response.status_code, 204) + + # log the user in with their registered credentials data = {'email': 'none@none.com', 'password': '1234'} response = self.client.post('/api/login', data, format='json') self.assertEqual(response.status_code, HTTP_200_OK) - data = {'email': 'none@none.com'} - response = self.client.post(url, data, format='json') - self.assertContains(response, 'password', status_code=400) + # try activating with an invalid key + response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'}) + self.assertContains(response, 'confirmation_key is invalid', status_code=400) - data = {'password': '1234'} - response = self.client.post(url, data, format='json') - self.assertContains(response, 'email', status_code=400) + # try activating with the valid key + response = self.client.patch(url, {'confirmation_key': user.confirmation_key}) + self.assertTrue(response.data['is_confirmed']) class ProfileViewTest(APITestCase): diff --git a/flashcards/views.py b/flashcards/views.py index 46931db..53b1e66 100644 --- a/flashcards/views.py +++ b/flashcards/views.py @@ -10,6 +10,7 @@ from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_401_UNAUTHORIZED, HT from rest_framework.views import APIView from rest_framework.response import Response from rest_framework.exceptions import AuthenticationFailed, NotAuthenticated, ValidationError +from simple_email_confirmation import EmailAddress class SectionViewSet(ReadOnlyModelViewSet): @@ -28,15 +29,19 @@ class UserDetail(APIView): """ data = UserUpdateSerializer(data=request.data, context={'user': request.user}) data.is_valid(raise_exception=True) + data = data.validated_data if 'new_password' in data: if not request.user.check_password(data['old_password']): raise ValidationError('old_password is incorrect') - request.user.set_password(request.data['new_password']) + request.user.set_password(data['new_password']) request.user.save() - if 'confirmation_key' in data and not request.user.confirm_email(data['confirmation_key']): - raise ValidationError('confirmation_key is invalid') + if 'confirmation_key' in data: + try: + request.user.confirm_email(data['confirmation_key']) + except EmailAddress.DoesNotExist: + raise ValidationError('confirmation_key is invalid') return Response(UserSerializer(request.user).data) -- 1.9.1