Compare revisions

Robin Goodall · Robin Goodall · activate-account-bot · Robin Goodall · 1f3dcc2c · 1f3dcc2c
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
 # Changelog

+## [0.16.0](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/compare/0.15.1...0.16.0) (2025-01-31)
+
+### Features
+
+* allow creation fake tokens in test/demo environments ([f4c77c1](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/commit/f4c77c1ae5fda2a0ecb6c4d2efa4adde4dea39dd))
+
 ## [0.15.1](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/compare/0.15.0...0.15.1) (2025-01-22)

 ### Bug Fixes

--- a/activate_account_project/settings/base.py
+++ b/activate_account_project/settings/base.py
@@ -19,6 +19,7 @@ DATABASES = {

 DATA_MANAGER_ENABLED = False
 DATA_MANAGER_READ_ONLY = True
+FAKE_RESET_TOKEN_IF_MISSING = False

 # If the EXTRA_SETTINGS_URLS environment variable is set, it is a comma-separated list of URLs from
 # which to fetch additional settings as YAML-formatted documents. The documents should be
@@ -44,6 +45,7 @@ externalsettings.load_external_settings(
        "EMAIL_PORT",
        "DATA_MANAGER_ENABLED",
        "DATA_MANAGER_READ_ONLY",
+        "FAKE_RESET_TOKEN_IF_MISSING",
    ],
 )


--- a/api/v1alpha/views.py
+++ b/api/v1alpha/views.py
@@ -3,6 +3,10 @@ Views implementing the API endpoints.

 """

+import random
+from string import ascii_uppercase, digits
+
+from django.conf import settings
 from drf_spectacular.utils import OpenApiResponse, extend_schema
 from rest_framework import exceptions, generics, status

@@ -75,6 +79,16 @@ class ResetTokenView(generics.RetrieveAPIView):
        try:
            return get_reset_token(self.request.user.crsid)
        except PasswordAppNotFound:
+            # To aid demo/testing purposes, we can fake a reset token if the Password App can't
+            # find the user
+            if settings.FAKE_RESET_TOKEN_IF_MISSING:
+                return "-".join(
+                    [
+                        "".join([random.choice(digits + ascii_uppercase) for _ in range(4)])
+                        for _ in range(3)
+                    ]
+                    + ["FAKE"]  # Help developers identify fake tokens
+                )
            # Raising a validation error here rather than a 404 which could be misunderstand as
            # the endpoint not existing
            raise exceptions.ValidationError({"crsid": "Password App was unable to find the user"})

--- a/pyproject.toml
+++ b/pyproject.toml
 [tool.poetry]
 name = "activate_account"
-version = "0.15.1"
+version = "0.16.0"
 description = ""
 authors = [ ]
 readme = "README.md"
No results found