api_fetch_api_key: Send new login emails for mobile.

2025-11-04 22:13:26 +00:00 · 2017-06-15 10:15:57 +05:00
parent 7e43cd5624
commit 34a91be9a2
2 changed files with 13 additions and 1 deletions
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 from django.conf import settings
+from django.core import mail
 from django.http import HttpResponse
 from django.test import override_settings
 from django_auth_ldap.backend import _LDAPUser
@@ -1185,9 +1186,11 @@ class FetchAPIKeyTest(ZulipTestCase):
                                       password="wrong"))
        self.assert_json_error(result, "Your username or password is incorrect.", 403)

-    @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',))
+    @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',),
+                       SEND_LOGIN_EMAILS=True)
    def test_google_oauth2_token_success(self):
        # type: () -> None
+        self.assertEqual(len(mail.outbox), 0)
        with mock.patch(
                'apiclient.sample_tools.client.verify_id_token',
                return_value={
@@ -1198,6 +1201,7 @@ class FetchAPIKeyTest(ZulipTestCase):
                                      dict(username="google-oauth2-token",
                                           password="token"))
        self.assert_json_success(result)
+        self.assertEqual(len(mail.outbox), 1)

    @override_settings(AUTHENTICATION_BACKENDS=('zproject.backends.GoogleMobileOauth2Backend',))
    def test_google_oauth2_token_failure(self):
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -31,6 +31,7 @@ from zerver.lib.validator import validate_login_email
 from zerver.models import PreregistrationUser, UserProfile, remote_user_to_email, Realm
 from zerver.views.registration import create_preregistration_user, get_realm_from_request, \
    redirect_and_log_into_subdomain
+from zerver.signals import email_on_new_login
 from zproject.backends import password_auth_enabled, dev_auth_enabled, \
    github_auth_enabled, google_auth_enabled, ldap_auth_enabled
 from version import ZULIP_VERSION
@@ -552,6 +553,13 @@ def api_fetch_api_key(request, username=REQ(), password=REQ()):
                              data={"reason": "unregistered"}, status=403)
        return json_error(_("Your username or password is incorrect."),
                          data={"reason": "incorrect_creds"}, status=403)
+
+    # Maybe sending 'user_logged_in' signal is the better approach:
+    #   user_logged_in.send(sender=user_profile.__class__, request=request, user=user_profile)
+    # Not doing this only because over here we don't add the user information
+    # in the session. If the signal receiver assumes that we do then that
+    # would cause problems.
+    email_on_new_login(sender=user_profile.__class__, request=request, user=user_profile)
    return json_success({"api_key": user_profile.api_key, "email": user_profile.email})

 def get_auth_backends_data(request):