added check for email provider check before sending email

ohcnetwork · Oct 16, 2024 · ee5f329 · ee5f329
1 parent 08f0c72
commit ee5f329
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 0 deletions.
diff --git a/care/users/reset_password_views.py b/care/users/reset_password_views.py
@@ -208,6 +208,20 @@ def post(self, request, *args, **kwargs):
                 status=status.HTTP_429_TOO_MANY_REQUESTS,
             )
 
+        if settings.IS_PRODUCTION and (
+            not settings.EMAIL_HOST
+            or not settings.EMAIL_HOST_USER
+            or not settings.EMAIL_HOST_PASSWORD
+        ):
+            raise exceptions.ValidationError(
+                {
+                    "detail": [
+                        _(
+                            "There was a problem resetting your password. Please contact the administrator."
+                        )
+                    ]
+                }
+            )
         # before we continue, delete all existing expired tokens
         password_reset_token_validation_time = get_password_reset_token_expiry_time()
 

diff --git a/care/users/tests/test_auth.py b/care/users/tests/test_auth.py
@@ -127,6 +127,34 @@ def test_forgot_password_with_valid_input(self):
         self.assertEqual(response.status_code, status.HTTP_200_OK)
         self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
 
+    @override_settings(IS_PRODUCTION=True)
+    def test_forgot_password_without_email_configration(self):
+        response = self.client.post(
+            "/api/v1/password_reset/",
+            {"username": self.user.username},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(
+            response.json()["detail"][0],
+            "There was a problem resetting your password. Please contact the administrator.",
+        )
+
+    @override_settings(
+        IS_PRODUCTION=True,
+        EMAIL_HOST="smtp.gmail.com",
+        EMAIL_HOST_USER="[email protected]",
+        EMAIL_HOST_PASSWORD="your-app-password",
+    )
+    def test_forgot_password_with_email_configration(self):
+        response = self.client.post(
+            "/api/v1/password_reset/",
+            {"username": self.user.username},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
+
     def test_forgot_password_with_missing_fields(self):
         response = self.client.post("/api/v1/password_reset/")
         self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)