page “Mon compte” : action de validation d’un numéro de téléphone existant (#82388) #152

pmarillonnet · 2023-10-16T15:49:12+02:00

pmarillonnet commented

2023-10-16 15:49:12 +02:00

No description provided.

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 9a401aeeff to 7786b4f06e

2023-10-16 16:11:52 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 7786b4f06e to f98bf0c7c0

2023-10-16 17:31:53 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from f98bf0c7c0 to dcf2f027aa

2023-10-17 10:10:39 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from dcf2f027aa to 5cf147dac8

2023-10-17 14:11:11 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 2fec8a7964 to db7849f4f8

2023-10-17 14:52:00 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from db7849f4f8 to 2e8eda97c2

2023-10-17 14:58:48 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 2e8eda97c2 to eb96b0fd76

2023-10-17 15:12:49 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from eb96b0fd76 to 7db2d78071

2023-10-17 15:34:08 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 7db2d78071 to 394e60327b

2023-10-17 15:41:54 +02:00

Compare

pmarillonnet changed title from ~~WIP: page “Mon compte” : libellé adéquat lorsque le numéro de l’usager est connu mais pas validé (#82388)~~ to WIP: page “Mon compte” : action de validation d’un numéro de téléphone existant (#82388)

2023-10-17 15:55:26 +02:00

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 394e60327b to 75bb5cee5f

2023-10-17 16:12:28 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 75bb5cee5f to e946837164

2023-10-17 16:38:09 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from e946837164 to 7301ba2cd8

2023-10-17 16:45:26 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 7301ba2cd8 to d003aba947

2023-10-18 09:24:40 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from d003aba947 to cb66d47083

2023-10-18 10:26:26 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from cb66d47083 to 858a8e33ee

2023-10-18 10:29:11 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 858a8e33ee to 44b98bd285

2023-10-18 10:59:01 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 44b98bd285 to 5096f0886d

2023-10-18 11:01:46 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 5096f0886d to 3b877a6c06

2023-10-18 11:07:01 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from 3b877a6c06 to d7dbca8df2

2023-10-18 11:18:13 +02:00

Compare

pmarillonnet force-pushed wip/82388-phone-authn-accounts-verification-label from d7dbca8df2 to 61c6f3ddd4

2023-10-18 11:26:28 +02:00

Compare

pmarillonnet changed title from ~~WIP: page “Mon compte” : action de validation d’un numéro de téléphone existant (#82388)~~ to page “Mon compte” : action de validation d’un numéro de téléphone existant (#82388)

2023-10-18 11:27:09 +02:00

bdauvergne requested changes 2023-12-21 12:13:26 +01:00

src/authentic2/models.py

						
				@ -823,11 +823,13 @@ class SMSCode(models.Model):

				    KIND_PASSWORD_LOST = 'password-reset'

				    KIND_PHONE_CHANGE = 'phone-change'

				    KIND_ACCOUNT_DELETION = 'account-deletion'

				    KIND_PHONE_VALIDATE = 'phone-validate'

bdauvergne commented

2023-12-21 11:59:34 +01:00

Est-ce qu'on pourrait réutiliser phone-change plutôt ? La situation me parait de loin identique.

src/authentic2/views.py

						
				@ -415,0 +470,4 @@

				        ).exists()

				        resend_key = 'phone-validate-allow-sms-resend'

				        if (

				            app_settings.A2_SMS_CODE_EXISTS_WARNING

bdauvergne commented

2023-12-21 12:12:14 +01:00

Je ne pense pas qu'on souhaite jamais mettre ce setting à False.

src/authentic2/views.py

						
				@ -415,0 +485,4 @@

				            )

				            return self.form_invalid(form)

				        self.request.session[resend_key] = False

				        if 'next_url' in form.cleaned_data:

bdauvergne commented

2023-12-21 12:08:00 +01:00

Il y a un mixin pour ça.

src/authentic2/views.py

						
				@ -415,0 +488,4 @@

				        if 'next_url' in form.cleaned_data:

				            self.next_url = form.cleaned_data['next_url']

				        if is_ratelimited(

bdauvergne commented

2023-12-21 12:08:34 +01:00

Je pense qu'on pourrait n'utiliser qu'un seul groupe pour tous les envois de SMS et factoriser cette partie entre les vues si possible:

$ git grep -A10 is_ratelimited | grep 'is_rate\|group' | grep -B1 sms
src/authentic2/views.py:        if is_ratelimited(
src/authentic2/views.py-            group='phone-change-sms',
src/authentic2/views.py:        if is_ratelimited(
src/authentic2/views.py-            group='phone-change-sms',
--
src/authentic2/views.py:            if is_ratelimited(
src/authentic2/views.py-                group='pw-reset-sms',
src/authentic2/views.py:            if is_ratelimited(
src/authentic2/views.py-                group='pw-reset-sms',
src/authentic2/views.py:        if is_ratelimited(
src/authentic2/views.py-            group='registration-sms',
src/authentic2/views.py:        if is_ratelimited(
src/authentic2/views.py-            group='registration-sms',

Je pense qu'on pourrait n'utiliser qu'un seul groupe pour tous les envois de SMS et factoriser cette partie entre les vues si possible: ``` $ git grep -A10 is_ratelimited | grep 'is_rate\|group' | grep -B1 sms src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='phone-change-sms', src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='phone-change-sms', -- src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='pw-reset-sms', src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='pw-reset-sms', src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='registration-sms', src/authentic2/views.py: if is_ratelimited( src/authentic2/views.py- group='registration-sms', ```

src/authentic2/views.py

						
				@ -415,0 +503,4 @@

				                ),

				            )

				            return self.form_invalid(form)

				        if is_ratelimited(

bdauvergne commented

2023-12-21 12:09:10 +01:00

Pareil ici.

src/authentic2/views.py

						
				@ -415,0 +533,4 @@

				                    'Please contact your administrator and try again later.'

				                ),

				            )

				            return utils_misc.redirect(self.request, reverse('auth_homepage'))

bdauvergne commented

2023-12-21 12:10:07 +01:00

On récupère une next_url plus haut on devrait l'utiliser ici.

gitea/authentic/pipeline/head This commit looks good

Details

This pull request has changes conflicting with the target branch.

src/authentic2/views.py
tests/test_views.py

You can also view command line instructions.

Step 1:

From your project repository, check out a new branch and test the changes.

git checkout -b wip/82388-phone-authn-accounts-verification-label main

git pull origin wip/82388-phone-authn-accounts-verification-label

Step 2:

Merge the changes and update on Gitea.

git checkout main

git merge --no-ff wip/82388-phone-authn-accounts-verification-label

git push origin main

Sign in to join this conversation.

No reviewers

No Label

No Milestone

No Assignees

2 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: entrouvert/authentic#152