From ee5f329844b0f709ae1e12c2c79f68481d4a5325 Mon Sep 17 00:00:00 2001
From: prafful
Date: Wed, 16 Oct 2024 17:32:41 +0530
Subject: [PATCH] added check for email provider check before sending email
---
 care/users/reset_password_views.py | 14 ++++++++++++++
 care/users/tests/test_auth.py | 28 ++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+)
diff --git a/care/users/reset_password_views.py b/care/users/reset_password_views.py
index 89f67ae087..e204ab0719 100644
--- a/care/users/reset_password_views.py
+++ b/care/users/reset_password_views.py
@@ -208,6 +208,20 @@ def post(self, request, *args, **kwargs):
 status=status.HTTP_429_TOO_MANY_REQUESTS,
 )
+ if settings.IS_PRODUCTION and (
+ not settings.EMAIL_HOST
+ or not settings.EMAIL_HOST_USER
+ or not settings.EMAIL_HOST_PASSWORD
+ ):
+ raise exceptions.ValidationError(
+ {
+ "detail": [
+ _(
+ "There was a problem resetting your password. Please contact the administrator."
+ )
+ ]
+ }
+ )
 # before we continue, delete all existing expired tokens
 password_reset_token_validation_time = get_password_reset_token_expiry_time()
diff --git a/care/users/tests/test_auth.py b/care/users/tests/test_auth.py
index 695e105564..5a68c8a7d3 100644
--- a/care/users/tests/test_auth.py
+++ b/care/users/tests/test_auth.py
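Review bot: The new guard in `post` turns a server-side misconfiguration into a `ValidationError` (HTTP 400) and leaves no trace for operators, so a production deployment with broken mail settings would quietly reject every account-recovery request. Log it before raising, e.g. `logger.error("password reset unavailable: EMAIL_HOST, EMAIL_HOST_USER or EMAIL_HOST_PASSWORD is not set")` (setting names only, never their values; a module-level logger may need to be added, since the imports are outside the hunk), and consider a 5xx status or a Django system check at startup so the problem surfaces at deploy time. Requiring both `EMAIL_HOST_USER` and `EMAIL_HOST_PASSWORD` also assumes authenticated SMTP; if a deployment uses an unauthenticated relay or a non-SMTP `EMAIL_BACKEND`, this condition would block resets that could have been delivered, which is worth confirming against the production settings. The guard sits after the throttle response and, as far as the hunk shows, before any user lookup, which keeps the reply identical for known and unknown usernames; the rest of `post` is outside the hunk.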
@@ -127,6 +127,34 @@ def test_forgot_password_with_valid_input(self):
 self.assertEqual(response.status_code, status.HTTP_200_OK)
 self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
+ @override_settings(IS_PRODUCTION=True)
+ def test_forgot_password_without_email_configration(self):
+ response = self.client.post(
+ "/api/v1/password_reset/",
+ {"username": self.user.username},
+ )
+
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+ self.assertEqual(
+ response.json()["detail"][0],
+ "There was a problem resetting your password. Please contact the administrator.",
+ )
+
+ @override_settings(
+ IS_PRODUCTION=True,
+ EMAIL_HOST="smtp.gmail.com",
+ EMAIL_HOST_USER="your-email@gmail.com",
+ EMAIL_HOST_PASSWORD="your-app-password",
+ )
+ def test_forgot_password_with_email_configration(self):
+ response = self.client.post(
+ "/api/v1/password_reset/",
+ {"username": self.user.username},
+ )
+
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+ self.assertTrue(ResetPasswordToken.objects.filter(user=self.user).exists())
+
 def test_forgot_password_with_missing_fields(self):
 response = self.client.post("/api/v1/password_reset/")
 self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
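Review bot: `test_forgot_password_without_email_configration` overrides only `IS_PRODUCTION`, so its result depends on whatever the test settings or CI environment supply for the three mail settings; if they are ever defined there, the test fails for a reason unrelated to the view. Pin them in the decorator, `@override_settings(IS_PRODUCTION=True, EMAIL_HOST="", EMAIL_HOST_USER="", EMAIL_HOST_PASSWORD="")`, and ideally add one case per missing setting so each branch of the `or` in the guard is exercised. In the positive test a reserved name such as `smtp.example.com` would be safer than `smtp.gmail.com`, in case the suite is ever run with a real SMTP backend. Both new method names misspell "configuration".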