Merge pull request #1034 from pixelated/forgot-password-page

Makes account recovery flow public
author: Anike Arni <anikarni@gmail.com> 2017-03-30 15:31:52 -0300
committer: GitHub <noreply@github.com> 2017-03-30 15:31:52 -0300
commit: 9f0cd9888c3b435a44a5d3ea1e1484618099cc84 (patch)
tree: 643d5442e50734ef43716769935e75062aabaddb /service
parent: 7acb6843bd21dbf29cc7903964b52f6e21188df4 (diff)
parent: af0f6b1e655bba9fd42317b0332d7a314d673228 (diff)
4 files changed, 17 insertions, 3 deletions
diff --git a/service/pixelated/resources/account_recovery_resource.py b/service/pixelated/resources/account_recovery_resource.py
index ccfdc580..8cb10fc8 100644
--- a/service/pixelated/resources/account_recovery_resource.py
+++ b/service/pixelated/resources/account_recovery_resource.py
@@ -18,19 +18,20 @@ import os
 
 from pixelated.resources import BaseResource
 from twisted.python.filepath import FilePath
-from pixelated.resources import get_protected_static_folder
+from pixelated.resources import get_public_static_folder
 from twisted.web.http import OK
 from twisted.web.template import Element, XMLFile, renderElement
 
 
 class AccountRecoveryPage(Element):
-    loader = XMLFile(FilePath(os.path.join(get_protected_static_folder(), 'account_recovery.html')))
+    loader = XMLFile(FilePath(os.path.join(get_public_static_folder(), 'account_recovery.html')))
 
     def __init__(self):
         super(AccountRecoveryPage, self).__init__()
 
 
 class AccountRecoveryResource(BaseResource):
+    BASE_URL = 'account-recovery'
     isLeaf = True
 
     def __init__(self, services_factory):
diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index 3e1200d7..45942ea6 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -20,6 +20,7 @@ from xml.sax import SAXParseException
 from pixelated.authentication import Authenticator
 from pixelated.config.leap import BootstrapUserServices
 from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession
+from pixelated.resources.account_recovery_resource import AccountRecoveryResource
 from pixelated.resources import get_public_static_folder, respond_json
 from twisted.cred.error import UnauthorizedLogin
 from twisted.internet import defer
@@ -101,6 +102,8 @@ class LoginResource(BaseResource):
             return self
         if path == 'status':
             return LoginStatusResource(self._services_factory)
+        if path == AccountRecoveryResource.BASE_URL:
+            return AccountRecoveryResource(self._services_factory)
         if not self.is_logged_in(request):
             return UnAuthorizedResource()
         return NoResource()
diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py
index 02f2fb62..d860c422 100644
--- a/service/pixelated/resources/root_resource.py
+++ b/service/pixelated/resources/root_resource.py
@@ -92,7 +92,7 @@ class RootResource(BaseResource):
 
     def initialize(self, provider=None, disclaimer_banner=None, authenticator=None):
         self._child_resources.add('assets', File(self._protected_static_folder))
-        self._child_resources.add('account-recovery', AccountRecoveryResource(self._services_factory))
+        self._child_resources.add(AccountRecoveryResource.BASE_URL, AccountRecoveryResource(self._services_factory))
         self._child_resources.add('backup-account', BackupAccountResource(self._services_factory, authenticator))
         self._child_resources.add('sandbox', SandboxResource(self._protected_static_folder))
         self._child_resources.add('keys', KeysResource(self._services_factory))
diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py
index 9f940bc6..eaaba1d4 100644
--- a/service/test/unit/resources/test_login_resource.py
+++ b/service/test/unit/resources/test_login_resource.py
@@ -67,6 +67,16 @@ class TestLoginResource(unittest.TestCase):
         d.addCallback(assert_unauthorized_resources)
         return d
 
+    def test_account_recovery_resource_does_not_require_login(self):
+        request = DummyRequest(['account-recovery'])
+        d = self.web.get(request)
+
+        def assert_successful(_):
+            self.assertEqual(200, request.responseCode)
+
+        d.addCallback(assert_successful)
+        return d
+
     @patch('pixelated.resources.session.PixelatedSession.is_logged_in')
     def test_there_are_no_grand_children_resources_when_logged_in(self, mock_is_logged_in):
         request = DummyRequest(['/login/grand_children'])
author	Anike Arni <anikarni@gmail.com>	2017-03-30 15:31:52 -0300
committer	GitHub <noreply@github.com>	2017-03-30 15:31:52 -0300
commit	9f0cd9888c3b435a44a5d3ea1e1484618099cc84 (patch)
tree	643d5442e50734ef43716769935e75062aabaddb /service
parent	7acb6843bd21dbf29cc7903964b52f6e21188df4 (diff)
parent	af0f6b1e655bba9fd42317b0332d7a314d673228 (diff)