From 34a91be9a28e44d9a8ae93e259f33f410c99365a Mon Sep 17 00:00:00 2001 From: Umair Khan Date: Thu, 15 Jun 2017 10:15:57 +0500 Subject: [PATCH] api_fetch_api_key: Send new login emails for mobile. --- zerver/tests/test_auth_backends.py | 6 +++++- zerver/views/auth.py | 8 ++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py index 02a61f2087..9ba5e6cd55 100644 --- a/zerver/tests/test_auth_backends.py +++ b/zerver/tests/test_auth_backends.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- from django.conf import settings +from django.core import mail from django.http import HttpResponse from django.test import override_settings from django_auth_ldap.backend import _LDAPUser @@ -1185,9 +1186,11 @@ class FetchAPIKeyTest(ZulipTestCase): password="wrong")) self.assert_json_error(result, "Your username or password is incorrect.", 403) - @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',)) + @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',), + SEND_LOGIN_EMAILS=True) def test_google_oauth2_token_success(self): # type: () -> None + self.assertEqual(len(mail.outbox), 0) with mock.patch( 'apiclient.sample_tools.client.verify_id_token', return_value={ @@ -1198,6 +1201,7 @@ class FetchAPIKeyTest(ZulipTestCase): dict(username="google-oauth2-token", password="token")) self.assert_json_success(result) + self.assertEqual(len(mail.outbox), 1) @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',)) def test_google_oauth2_token_failure(self): diff --git a/zerver/views/auth.py b/zerver/views/auth.py index 77e807e0ec..720c1d9aff 100644 --- a/zerver/views/auth.py +++ b/zerver/views/auth.py @@ -31,6 +31,7 @@ from zerver.lib.validator import validate_login_email from zerver.models import PreregistrationUser, UserProfile, remote_user_to_email, Realm from zerver.views.registration import create_preregistration_user, get_realm_from_request, \ redirect_and_log_into_subdomain +from zerver.signals import email_on_new_login from zproject.backends import password_auth_enabled, dev_auth_enabled, \ github_auth_enabled, google_auth_enabled, ldap_auth_enabled from version import ZULIP_VERSION @@ -552,6 +553,13 @@ def api_fetch_api_key(request, username=REQ(), password=REQ()): data={"reason": "unregistered"}, status=403) return json_error(_("Your username or password is incorrect."), data={"reason": "incorrect_creds"}, status=403) + + # Maybe sending 'user_logged_in' signal is the better approach: + # user_logged_in.send(sender=user_profile.__class__, request=request, user=user_profile) + # Not doing this only because over here we don't add the user information + # in the session. If the signal receiver assumes that we do then that + # would cause problems. + email_on_new_login(sender=user_profile.__class__, request=request, user=user_profile) return json_success({"api_key": user_profile.api_key, "email": user_profile.email}) def get_auth_backends_data(request):