adding forgot email endpoint

codeforboston · Apr 5, 2024 · d57022d · d57022d
1 parent ebaf9a6
commit d57022d
Show file tree

Hide file tree

Showing 3 changed files with 122 additions and 18 deletions.
diff --git a/backend/config.py b/backend/config.py
@@ -27,28 +27,28 @@ class Config(object):
     Put all of the information in your dotenv
     config file
     """
-    MAIL_SERVER = os.environ.get("MAIL_SERVER")
-    MAIL_PORT = os.environ.get("MAIL_PORT")
-    MAIL_USE_SSL = bool(os.environ.get("MAIL_USE_SSL"))
-    MAIL_USE_TLS = bool(os.environ.get("MAIL_USER_TLS"))
-    MAIL_USERNAME = os.environ.get("MAIL_USERNAME")
-    MAIL_PASSWORD = os.environ.get("MAIL_PASSWORD")
-    MAIL_DEFAULT_SENDER = os.environ.get(
-        "MAIL_DEFAULT_SENDER",
-        "National Police Data Coalition <{email}>".format(
-              email=MAIL_USERNAME),
-    )
+    # MAIL_SERVER = os.environ.get("MAIL_SERVER")
+    # MAIL_PORT = os.environ.get("MAIL_PORT")
+    # MAIL_USE_SSL = bool(os.environ.get("MAIL_USE_SSL"))
+    # MAIL_USE_TLS = bool(os.environ.get("MAIL_USER_TLS"))
+    # MAIL_USERNAME = os.environ.get("MAIL_USERNAME")
+    # MAIL_PASSWORD = os.environ.get("MAIL_PASSWORD")
+    # MAIL_DEFAULT_SENDER = os.environ.get(
+    #     "MAIL_DEFAULT_SENDER",
+    #     "National Police Data Coalition <{email}>".format(
+    #           email=MAIL_USERNAME),
+    # )
 
     """
     Testing configurations with Mailtrap Email testing, all the configurations
     will be different--go to mailtrap for more information
     """
-    # MAIL_SERVER = 'sandbox.smtp.mailtrap.io'
-    # MAIL_PORT = 2525
-    # MAIL_USERNAME = '30a682ceaa0416'
-    # MAIL_PASSWORD = 'dbf502527604b1'
-    # MAIL_USE_TLS = True
-    # MAIL_USE_SSL = False
+    MAIL_SERVER = 'sandbox.smtp.mailtrap.io'
+    MAIL_PORT = 2525
+    MAIL_USERNAME = '30a682ceaa0416'
+    MAIL_PASSWORD = 'dbf502527604b1'
+    MAIL_USE_TLS = True
+    MAIL_USE_SSL = False
 
     # Flask-User settings
     USER_APP_NAME = (

diff --git a/backend/routes/auth.py b/backend/routes/auth.py
@@ -1,4 +1,4 @@
-from flask import Blueprint, jsonify, request
+from flask import Blueprint, jsonify, request, current_app
 from flask_cors import cross_origin
 from flask_jwt_extended import (
     create_access_token,
@@ -13,6 +13,8 @@
 from ..database import User, UserRole, db, Invitation, StagedInvitation
 from ..dto import LoginUserDTO, RegisterUserDTO
 from ..schemas import UserSchema, validate
+from flask_mail import Message
+from ..config import TestingConfig
 
 bp = Blueprint("auth", __name__, url_prefix="/api/v1/auth")
 
@@ -198,3 +200,47 @@ def reset_password():
     user.password = user_manager.hash_password(body.password)
     db.session.commit()
     return {"message": "Password successfully changed"}, 200
+
+
+class PhoneDTO(BaseModel):
+    phoneNumber : str
+
+
+"""
+Endpoint to use when user has forgotten their
+Username/Email
+Username in this case is email of the user
+"""
+
+
+@bp.route("/forgotUsername", methods=["POST"])
+@validate(auth=False, json=PhoneDTO)
+def send_email():
+    body: PhoneDTO = request.context.json
+    if not body.phoneNumber:
+        return {
+            "status": "Error",
+            "message": "Message request body empty"
+        }, 400
+    user_obj = User.query.filter_by(
+        phone_number=body.phoneNumber
+    ).first()
+    mail = current_app.extensions.get('mail')
+    if not user_obj:
+        return {
+            "status" : "Error",
+            "message" : "No account with the request phone number found"
+        }, 400
+    else:
+        # change TestingConfig email to Production Config in Prod
+        msg = Message("Your Username for National Police Data Coalition",
+                      sender=TestingConfig.MAIL_USERNAME,
+                      recipients=['[email protected]'])
+        msg.body = f"The account email associated with {body.phoneNumber} is \
+                    {user_obj.email}"
+        mail.send(msg)
+        return {
+                "status": "ok",
+                "message" : "Email sent to the user notifying them \
+                    of their username"
+        } , 200
diff --git a/backend/tests/test_auth.py b/backend/tests/test_auth.py
@@ -148,3 +148,61 @@ def test_reset_password(client, example_user, use_correct_token):
 
 def test_access_token_fixture(access_token):
     assert len(access_token) > 0
+
+
+"""
+Forgot username test
+"""
+
+
+def test_forgot_username(
+        client,
+        db_session
+
+):
+    """
+    register a new user
+    use the forgot email/username endpoint to see
+    if email is sent
+    """
+
+    res = client.post(
+        "api/v1/auth/register",
+        json={
+            "email": "[email protected]",
+            "password": "examplepassword123",
+            "phoneNumber": "123456789"
+        },
+    )
+    res = client.post(
+        "api/v1/auth/forgotUsername",
+        json={
+            "phoneNumber": "123456789"
+        },
+    )
+    res.status_code == 200
+
+
+"""Phone Number doesnot exist in DB
+"""
+
+
+def test_forgot_username_no_phone(
+        client,
+):
+    """
+    register a new user
+    use the forgot email/username endpoint to see
+    if email is sent
+    """
+    res = client.post(
+        "api/v1/auth/forgotUsername",
+        json={
+            "phoneNumber": "123456789"
+        },
+    )
+    assert res.status_code == 400
+    user_obj = User.query.filter_by(
+        phone_number="123456789"
+    ).first()
+    assert user_obj is None