From 8a68ac0d5b85f896dd59042c207bc63c3d026f7d Mon Sep 17 00:00:00 2001 From: 0livd Date: Fri, 15 Dec 2017 17:10:28 +0100 Subject: Use token based auth in invitation e-mails (#280) * Use token based auth in invitation e-mails Invitation e-mails no longer contain the clear text project password * Skip invite page after project creation - Replace ``The project identifier is demo, remember it!`` by ``Invite other people to join this project!`` (linking to the invite page) - Encourage users to share the project password via other communication means in the reminder email --- ihatemoney/tests/tests.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'ihatemoney/tests') diff --git a/ihatemoney/tests/tests.py b/ihatemoney/tests/tests.py index 123ea36..a421762 100644 --- a/ihatemoney/tests/tests.py +++ b/ihatemoney/tests/tests.py @@ -152,6 +152,29 @@ class BudgetTestCase(IhatemoneyTestCase): # only one message is sent to multiple persons self.assertEqual(len(outbox), 0) + def test_invite(self): + """Test that invitation e-mails are sent properly + """ + self.login("raclette") + self.post_project("raclette") + with self.app.mail.record_messages() as outbox: + self.client.post("/raclette/invite", + data={"emails": 'toto@notmyidea.org'}) + self.assertEqual(len(outbox), 1) + url_start = outbox[0].body.find('You can log in using this link: ') + 32 + url_end = outbox[0].body.find('.\n', url_start) + url = outbox[0].body[url_start:url_end] + self.client.get("/exit") + # Test that we got a valid token + resp = self.client.get(url, follow_redirects=True) + self.assertIn('You probably want to