Add phone to User Profile #1698
Conversation
valaparthvi
force-pushed
the
additional-login-options
branch
from
21001c8 to
309b69c
Compare
valaparthvi
force-pushed
the
phone/EditProfile
branch
from
eb7c8f9 to
ac2bd86
Compare
There was a problem hiding this comment.
The code looks mostly ok, there are some tests missing (I think) and the code can be improved here and there.
The functionality is ok; when you're finished with all your other tasks, we should verify that all of the emails and texts are send as expected when users change their info or passwords I believe some are missing, but I haven't looked in detail. Let's not bother with this now and make this a follow-up task.
| @@ -0,0 +1 @@ | |||
| <span class="site-name">local</span> | |||
There was a problem hiding this comment.
This file is listed in .gitignore and shouldn't be committed.
There was a problem hiding this comment.
I don't know for some reason this file keeps deleting itself, and then I have to re-add it every time.
There was a problem hiding this comment.
Run vagrant up --provision when it's gone. But this file must not be committed.
There was a problem hiding this comment.
This file is still committed. Please remove it from your branch
cadasta/accounts/forms.py
Outdated
| @@ -143,25 +158,56 @@ def clean_password(self): | |||
| raise forms.ValidationError( | |||
| _("Please provide the correct password for your account.")) | |||
|
|
|||
| def clean_phone(self): | |||
| phone = self.data.get('phone') | |||
| if self.instance.phone != phone: | |||
There was a problem hiding this comment.
I think this condition is not needed. self.instance.phone != phone always becomes True unless instance.phone is already None. So there's no harm in always setting phone = None if phone is empty.
There was a problem hiding this comment.
Got it, I was trying to write code similar to what was defined in clean_email. But as you said, it is not required to check both the phones, although it would've been required if unique was not set True for phone in the User model. I think it's safe to remove self.instance.email != email as well.
There was a problem hiding this comment.
Yes, I agree; self.instance.email != email can be removed as well
cadasta/accounts/forms.py
Outdated
| def clean_email(self): | ||
| email = self.data.get('email') | ||
| if self.instance.email != email: | ||
| if User.objects.filter(email=email).exists(): |
There was a problem hiding this comment.
I removed that because, we have set unique=True for email in User model, and if a user with that email address already exists, that error will be automatically raised by Django.
| @@ -673,6 +696,338 @@ def test_sanitize(self): | |||
| assert form.is_valid() is False | |||
| assert SANITIZE_ERROR in form.errors.get('username') | |||
|
|
|||
| def test_update_phone_only(self): | |||
There was a problem hiding this comment.
Two test cases are missing here, which are defined in the specification:
- User changes phone number and removes verified email address
- User changes email address and removes verified phone number
There was a problem hiding this comment.
Ah, I did write those test cases, but I remember asking you if we should allow a user to change email or phone even if they have unverified phone or email linked to their account, you said it was okay, and so I deleted those test cases. I'll add them again, and I think it's better to write more generalized test cases,
- User changes phone number and removes email address
- User changes email address and removes phone number
There was a problem hiding this comment.
What I meant is when a user changes their phone and removes the email address (both are verified, not unverified). Then you should send a text to the new phone number
There was a problem hiding this comment.
I think it's better if I cover those test cases once I've implemented Twilio. Currently, no message is sent when user changes or removes phone/email.
cadasta/accounts/tests/test_forms.py
Outdated
| assert '[email protected]' in mail.outbox[1].to | ||
|
|
||
| with pytest.raises(EmailAddress.DoesNotExist): | ||
| EmailAddress.objects.get(email="[email protected]") |
There was a problem hiding this comment.
write assert EmailAddress.objects.filter(email="[email protected]").exists() is False
| } | ||
| form = forms.ProfileForm(data=data, instance=user) | ||
| assert form.is_valid() is False | ||
| assert (phone_format in form.errors.get('phone')) |
There was a problem hiding this comment.
Can you add an assertion here that the correct error message is in form.errors.get('phone')?
There was a problem hiding this comment.
Did I not do that already? Um, I don't understand what you're trying to suggest. Should I assert against the actual message instead of just writing phone_format?
| _("You cannot leave both phone and email empty.")) | ||
| return data | ||
|
|
||
| def validate_email(self, email): |
There was a problem hiding this comment.
I think, you write this method way shorter; something along the lines of:
if (instance and email != instance.email and
self.context['request'].user != instance):
raise serializers.ValidationError('Cannot update email')
if instance and instance.email == email:
return email
if email:
email = email.casefold()
if EmailAddress.objects.filter(email=email):
raise serializers.ValidationError(
_("User with this Email address already exists."))
else:
email = None
return emailThere was a problem hiding this comment.
Awesome! This is the code I was talking about when I said that I need to make the code I write more efficient and DRY.
cadasta/accounts/serializers.py
Outdated
| email = None | ||
| return email | ||
|
|
||
| def validate_phone(self, phone): |
There was a problem hiding this comment.
This can be shortened as well, similar to validate_email
cadasta/accounts/serializers.py
Outdated
| if (instance.email != email): | ||
| if email: | ||
| email = email.casefold() | ||
| if EmailAddress.objects.filter(email=email): |
There was a problem hiding this comment.
Here a comment would help to point out we're checking that no unverified emails with that address exist.
| assert self.user.phone == '+12345678990' | ||
| assert self.user.phone_verified is True | ||
|
|
||
| def test_keep_phone_number(self): |
There was a problem hiding this comment.
I don't fully understand the purpose of this test. especially, why you are creating a VerificationDevice instance and why you check that it still exists after the update.
There was a problem hiding this comment.
Um my bad, I must've added VerificationDevice instance to make sure the code I wrote worked fine, I was not very confident about it. I'll remove that.
And this test makes sure that a verification token is not sent to the user if they've not changed their phone number. It's similar to test_keep_email_address.
There was a problem hiding this comment.
And this test makes sure that a verification token is not sent to the user if they've not changed their phone number.
But there's no assertion to verify this. I assume you need to check that no VerificationDevice instance exists.
There was a problem hiding this comment.
If user is not redirected to the verification page, it would mean that the token was not sent. assert response.status_code ==200 makes sure of that. I don't think checking whether VerificationDevice instance exists would be of any help. I'm not sure if I've confirmed this with you, but should I delete VerificationDevice instance once the phone number has been verified?
There was a problem hiding this comment.
How does a HTTP status code verify that you haven't sent the token? If you update the user profile and the user keeps their email address you want to verify that no token is sent. Checking for the status code does verify that how would it?
Also deleting the VerificationDevice instance when the number is confirmed is unrelated. Just add a line to check if that there's no VerificationDevice instance.
valaparthvi
force-pushed
the
additional-login-options
branch
from
309b69c to
bbf4843
Compare
Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes
Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes Phone registration page, and authentication backend
changes corresponding to setting user as OneToOneField in VerificationDevice add phone_format, instead of message Remove unnecessary lines of code and add required tests Check if new email/phone updated by user exists in EmailAddress/VerificationDevice, make sure user is redirected to AccountVerification Page only when they update phone, add tests for the same. delete identifier.html change to tests
valaparthvi
force-pushed
the
phone/EditProfile
branch
from
14bac19 to
064153b
Compare
* Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes * Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes Phone registration page, and authentication backend * Edit Profile Page changes corresponding to setting user as OneToOneField in VerificationDevice add phone_format, instead of message Remove unnecessary lines of code and add required tests Check if new email/phone updated by user exists in EmailAddress/VerificationDevice, make sure user is redirected to AccountVerification Page only when they update phone, add tests for the same. delete identifier.html change to tests
* Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes * Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes Phone registration page, and authentication backend * Edit Profile Page changes corresponding to setting user as OneToOneField in VerificationDevice add phone_format, instead of message Remove unnecessary lines of code and add required tests Check if new email/phone updated by user exists in EmailAddress/VerificationDevice, make sure user is redirected to AccountVerification Page only when they update phone, add tests for the same. delete identifier.html change to tests
* Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes * Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes Phone registration page, and authentication backend * Edit Profile Page changes corresponding to setting user as OneToOneField in VerificationDevice add phone_format, instead of message Remove unnecessary lines of code and add required tests Check if new email/phone updated by user exists in EmailAddress/VerificationDevice, make sure user is redirected to AccountVerification Page only when they update phone, add tests for the same. delete identifier.html change to tests
* Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes * Phone registration page, and authentication backend Upgrade django-skivvy to 0.1.8 100% test coverage Minor change to phone validator Changes to default.py and tests as addressed by Oliver Make all addressed changes Phone registration page, and authentication backend * Edit Profile Page changes corresponding to setting user as OneToOneField in VerificationDevice add phone_format, instead of message Remove unnecessary lines of code and add required tests Check if new email/phone updated by user exists in EmailAddress/VerificationDevice, make sure user is redirected to AccountVerification Page only when they update phone, add tests for the same. delete identifier.html change to tests
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
* VerificationDevice model and Removal of 48hr email verification period (#1606) * Registration with Phone number (#1662) * Add phone to User Profile (#1698) * Add Ansible provisioning for Twilio * Allow user to login with phone and add Resend Token Page (#1708) * Reset Password with Phone (#1717) * Twilio Integration and More update notification (#1719) * Add API endpoint for phone verification(2) (#1748)
With this PR, changes have been introduced to Edit Profile Page. Once user changes their phone number, a token will be sent to the user, and user will be redirected to Resend Token Page. Once the new phone has been verified, user account will be updated with the new phone.
Proposed changes in this pull request
ProfileFormand add tests.UserSerializerand add tests.UserFactory.andaccounts/views/api.py` and add tests.templates/accounts/profile.html.When should this PR be merged
[Please describe any preconditions that need to be addressed before we
can merge this pull request.]
Risks
Follow-up actions
Checklist (for reviewing)
General
migrationlabel if a new migration is added.Functionality
Code
Tests
Security
Documentation