Commit graph

59 commits

Author SHA1 Message Date
Lisa Durand
0b0e47b7cd
change passwords in specs 2024-09-16 15:28:11 +02:00
simon lehericey
eaef5c7e39
readapt name and logic 2024-09-04 08:08:01 +00:00
mfo
c0970693f3
fix(associate_user.with_existing_one): does not leak existing email when trying to choose an alternative email with france connect 2024-09-04 08:05:54 +00:00
Kara Diaby
b6d0502f39
modifications après dernière review 2024-09-04 08:05:54 +00:00
mfo
88a4619dcb
feat(particulier#associate_user): catch email already taken and redirect to reset password 2024-09-04 08:05:53 +00:00
Kara Diaby
a4b8d816de
Tests 2024-09-04 08:05:53 +00:00
Colin Darie
77fb0553fc
chore: enable freeze string literals by comment 2024-08-22 09:26:48 +02:00
Colin Darie
8c0375fe6f
chore: easier to test .gouv / new host using APP_HOST 2024-04-02 19:36:39 +02:00
simon lehericey
e12dbe7aad use email_merge_token in email merge 2024-01-11 11:33:38 +01:00
simon lehericey
fca28a3ebd use email_merge_token in mail_merge_with_existing_account route 2024-01-11 11:33:38 +01:00
simon lehericey
65aa07ecbe the merge_token issued for password check can be reused for the confirmation by email route
Thus by passing the password check or the email possession check
2024-01-11 11:33:38 +01:00
Martin
92730e266b fix(FranceConnect): missing after_confirmation callback, leading to invalites invitations when user france connect 2023-12-26 15:00:15 +01:00
Martin
14b2fc30b2 tech(user.expiration): ne perds pas de vue qu'il faut mettre a jour le users.last_sign_in_at 2023-11-17 11:33:14 +01:00
Christian Lautier
db278e83ed add a constant for the most used test password 2023-08-31 13:40:05 +02:00
Paul Chavard
b0aa777315 refactor(ujs): france_connect controller to use turbo 2022-09-29 16:51:54 +02:00
François Vantomme
27ccf6bbdd
fix(france connect): stub application name in tests 2022-02-04 17:42:02 +01:00
Martin
fdf0f18fda fix(i18n): wrap text under i18n.t
i18n(france_connect/*): replace wording with i18n

fix(lint): i18n key issue

secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case

fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
21894d0a0a feat(france_connect/particulier#callback): in case the FC email exists as an DC account which is an instructor or and administrator, returns early to new_session_path so he can connect with this existing account 2021-11-25 17:34:36 +01:00
Martin
ff073f8884 Add confirmation by email when merging DC/FC accounts
feat(fci.confirmation_code): add confirmation code to france_connect_informations

feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)

feat(mail_merge): mail merge

feat(merge.cannot_use_france_connect): same behaviour as callback

clean(fci.confirmation_code): use same token for mail validation as merge

feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto

clean(tech): finalize story by plugging merge_with_new_account to email validation

fix(deadspec): was removed

fix(spec): broken after last refactoring

lint(rubocop): space before parenthesis

lint(haml-lint): yoohoooo space before =

fix(lint): scss now :D

Update app/assets/stylesheets/buttons.scss

cleanup

feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email

fixup! Add confirmation by email when merging DC/FC accounts

fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
simon lehericey
f54dfe6ead Do not raise error if user is nil
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
933d7b8c8d merge with another preexisting account 2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d merge with another new account 2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b merge with an existing account by using the password 2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9 securely retrieve fci 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
2f470b25aa spec cleaning 2021-10-14 14:47:50 +02:00
simon lehericey
ccce724976 refactor as created fci must have an user_id 2021-05-05 14:36:34 +02:00
Christophe Robillard
a288a13805 disable france connect authentication for admin and instructeurs 2021-02-10 18:13:47 +01:00
maatinito
9de9a1fd71 Use time.zone functions instead of server time functions
(Time.zone.today vs Date.today)
2019-11-26 14:26:36 +01:00
Pierre de La Morinerie
6b27ac8514 france_connect: make existing user lookup case-insensitive
Fix #4053
2019-07-09 15:50:28 +02:00
Pierre de La Morinerie
d05bab3df3 france_connect: refactor specs 2019-07-09 15:50:28 +02:00
Pierre de La Morinerie
f5f7dfba40 france_connect: fix for params entirely missing from the callback
Fix a Sentry exception encountered in production.
2019-05-13 15:45:12 +02:00
simon lehericey
9475795143 fix spec 2018-10-26 10:10:20 +00:00
simon lehericey
f620e4aee2 DateTime.parse => Time.zone.parse 2018-10-26 10:10:20 +00:00
gregoirenovel
16a719922b Use enum to the fullest with User.loged_in_with_france_connects 2018-08-29 17:31:08 +02:00
gregoirenovel
b138dcd876 Enable the Layout/SpaceInsideHashLiteralBraces cop 2018-01-18 10:53:35 +01:00
Simon Lehericey
d70b6f4af0 FC ParticulierController: cleaner update attribute 2018-01-17 16:37:26 +01:00
Simon Lehericey
2651c5e029 FC ParticulierControllerSpec: final clean 2018-01-17 16:37:26 +01:00
Simon Lehericey
69c121a879 FC ParticulierControllerSpec: simplify ... well you know 2018-01-17 16:37:26 +01:00
Simon Lehericey
570f779bb2 FC ParticulierControllerSpec: without an associate user, better test 2018-01-17 16:37:26 +01:00
Simon Lehericey
b2f59e2b14 FC ParticulierControllerSpec: simplify without an associate user 2018-01-17 16:37:26 +01:00
Simon Lehericey
e1ac33f420 FC ParticulierControllerSpec: simplifier with an associate user case 2018-01-17 16:37:26 +01:00
Simon Lehericey
49f5d570ed FC ParticulierControllerSpec: mutualize subject 2018-01-17 16:37:26 +01:00
Simon Lehericey
ab02f796b3 FC ParticulierControllerSpec: one liner expectation 2018-01-17 16:37:26 +01:00
Simon Lehericey
4008d8e44d FC ParticulierControllerSpec: remove unless context 2018-01-17 16:37:26 +01:00
Simon Lehericey
28bf45e536 FC ParticulierControllerSpec: use controller to store_location 2018-01-17 16:37:26 +01:00
Simon Lehericey
ab116895b7 FC ParticulierControllerSpec: remove one context 2018-01-17 16:37:26 +01:00
simon lehericey
4f86b6305b FC ParticulierControllerSpec: callback handle empty string 2018-01-17 16:37:26 +01:00
simon lehericey
9b6b6bde97 FC ParticulierControllerSpec: simplier auth spec 2018-01-17 16:37:26 +01:00