Merge pull request #3270 from betagouv/fix_3269_multiple_login_emails
[fix #3269] bufferize login token email
This commit is contained in:
commit
c8560d4c3d
5 changed files with 81 additions and 19 deletions
|
@ -30,8 +30,8 @@ class Users::SessionsController < Sessions::SessionsController
|
|||
redirect_to after_sign_in_path_for(:user)
|
||||
else
|
||||
gestionnaire = current_gestionnaire
|
||||
login_token = gestionnaire.login_token!
|
||||
GestionnaireMailer.send_login_token(gestionnaire, login_token).deliver_later
|
||||
|
||||
send_login_token_or_bufferize(gestionnaire)
|
||||
|
||||
[:user, :gestionnaire, :administrateur].each { |role| sign_out(role) }
|
||||
|
||||
|
@ -103,6 +103,13 @@ class Users::SessionsController < Sessions::SessionsController
|
|||
|
||||
private
|
||||
|
||||
def send_login_token_or_bufferize(gestionnaire)
|
||||
if !gestionnaire.young_login_token?
|
||||
login_token = gestionnaire.login_token!
|
||||
GestionnaireMailer.send_login_token(gestionnaire, login_token).deliver_later
|
||||
end
|
||||
end
|
||||
|
||||
def error_procedure
|
||||
session["user_return_to"] = nil
|
||||
flash.alert = t('errors.messages.procedure_not_found')
|
||||
|
|
|
@ -3,7 +3,8 @@ class Gestionnaire < ApplicationRecord
|
|||
include EmailSanitizableConcern
|
||||
include ActiveRecord::SecureToken
|
||||
|
||||
LOGIN_TOKEN_VALIDITY = 30.minutes
|
||||
LOGIN_TOKEN_VALIDITY = 45.minutes
|
||||
LOGIN_TOKEN_YOUTH = 15.minutes
|
||||
|
||||
devise :database_authenticatable, :registerable, :async,
|
||||
:recoverable, :rememberable, :trackable, :validatable
|
||||
|
@ -211,6 +212,11 @@ class Gestionnaire < ApplicationRecord
|
|||
save
|
||||
end
|
||||
|
||||
def young_login_token?
|
||||
login_token_created_at.present? &&
|
||||
LOGIN_TOKEN_YOUTH.ago < login_token_created_at
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def annotations_hash(demande, annotations_privees, avis, messagerie)
|
||||
|
|
|
@ -9,6 +9,9 @@
|
|||
|
||||
%p.mail
|
||||
Ouvrez votre boite email <b>#{@email}</b> puis cliquez sur le lien d'activation du message <b>Connexion sécurisée à demarches-simplifiees.fr</b>.
|
||||
%br
|
||||
%br
|
||||
<b>Attention</b>, ce message peut mettre jusqu'à <b>15 minutes</b> pour arriver.
|
||||
|
||||
%p.help
|
||||
En cas de difficultés, nous restons joignables sur #{link_to 'contact@demarches-simplifiees.fr', 'mailto:contact@demarches-simplifiees.fr'}.
|
||||
|
|
|
@ -17,6 +17,10 @@ describe Users::SessionsController, type: :controller do
|
|||
|
||||
before do
|
||||
allow(controller).to receive(:trusted_device?).and_return(trusted_device)
|
||||
allow(GestionnaireMailer).to receive(:send_login_token).and_return(double(deliver_later: true))
|
||||
end
|
||||
|
||||
subject do
|
||||
post :create, params: { user: { email: email, password: send_password } }
|
||||
user.reload
|
||||
end
|
||||
|
@ -25,28 +29,47 @@ describe Users::SessionsController, type: :controller do
|
|||
let(:trusted_device) { false }
|
||||
|
||||
it 'redirects to the confirmation link path' do
|
||||
expect(subject).to redirect_to link_sent_path(email: email)
|
||||
subject
|
||||
|
||||
expect(controller).to redirect_to link_sent_path(email: email)
|
||||
|
||||
# do not know why, should be test related
|
||||
expect(subject.current_user).to eq(user)
|
||||
expect(controller.current_user).to eq(user)
|
||||
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
expect(subject.current_administrateur).to be(nil)
|
||||
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
||||
expect(controller.current_gestionnaire).to be(nil)
|
||||
expect(controller.current_administrateur).to be(nil)
|
||||
expect(user.loged_in_with_france_connect).to be(nil)
|
||||
expect(GestionnaireMailer).to have_received(:send_login_token)
|
||||
end
|
||||
|
||||
context 'and the user try to connect multiple times in a short period' do
|
||||
before do
|
||||
allow_any_instance_of(Gestionnaire).to receive(:young_login_token?).and_return(true)
|
||||
allow(GestionnaireMailer).to receive(:send_login_token)
|
||||
end
|
||||
|
||||
it 'does not renew nor send a new login token' do
|
||||
subject
|
||||
|
||||
expect(GestionnaireMailer).not_to have_received(:send_login_token)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the device is trusted' do
|
||||
it 'signs in as user, gestionnaire and adminstrateur' do
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject).not_to redirect_to link_sent_path(email: email)
|
||||
# TODO when signing in as non-administrateur, and not starting a demarche, log in to gestionnaire path
|
||||
# expect(subject).to redirect_to gestionnaire_procedures_path
|
||||
subject
|
||||
|
||||
expect(subject.current_user).to eq(user)
|
||||
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
||||
expect(subject.current_administrateur).to eq(administrateur)
|
||||
expect(response.redirect?).to be(true)
|
||||
expect(controller).not_to redirect_to link_sent_path(email: email)
|
||||
# TODO when signing in as non-administrateur, and not starting a demarche, log in to gestionnaire path
|
||||
# expect(controller).to redirect_to gestionnaire_procedures_path
|
||||
|
||||
expect(controller.current_user).to eq(user)
|
||||
expect(controller.current_gestionnaire).to eq(gestionnaire)
|
||||
expect(controller.current_administrateur).to eq(administrateur)
|
||||
expect(user.loged_in_with_france_connect).to be(nil)
|
||||
expect(GestionnaireMailer).not_to have_received(:send_login_token)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -54,10 +77,12 @@ describe Users::SessionsController, type: :controller do
|
|||
let(:send_password) { 'wrong_password' }
|
||||
|
||||
it 'fails to sign in with bad credentials' do
|
||||
expect(@response.unauthorized?).to be(true)
|
||||
expect(subject.current_user).to be(nil)
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
expect(subject.current_administrateur).to be(nil)
|
||||
subject
|
||||
|
||||
expect(response.unauthorized?).to be(true)
|
||||
expect(controller.current_user).to be(nil)
|
||||
expect(controller.current_gestionnaire).to be(nil)
|
||||
expect(controller.current_administrateur).to be(nil)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -412,6 +412,27 @@ describe Gestionnaire, type: :model do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#young_login_token?' do
|
||||
let!(:gestionnaire) { create(:gestionnaire) }
|
||||
|
||||
context 'when there is a token' do
|
||||
let!(:good_token) { gestionnaire.login_token! }
|
||||
|
||||
context 'when the token has just been created' do
|
||||
it { expect(gestionnaire.young_login_token?).to be true }
|
||||
end
|
||||
|
||||
context 'when the token is a bit old' do
|
||||
before { gestionnaire.update(login_token_created_at: (Gestionnaire::LOGIN_TOKEN_YOUTH + 1.minute).ago) }
|
||||
it { expect(gestionnaire.young_login_token?).to be false }
|
||||
end
|
||||
end
|
||||
|
||||
context 'when there are no token' do
|
||||
it { expect(gestionnaire.young_login_token?).to be false }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def assign(procedure_to_assign)
|
||||
|
|
Loading…
Reference in a new issue