ChildMindInstitute · sultanofcardio · Feb 21, 2024 · Feb 21, 2024 · Feb 21, 2024 · Feb 21, 2024
diff --git a/src/apps/users/services/core.py b/src/apps/users/services/core.py
@@ -73,21 +73,26 @@ async def send_password_recovery(
 
         # Default to web frontend
         frontend_base = settings.service.urls.frontend.web_base
+        password_recovery_page = settings.service.urls.frontend.web_password_recovery_send
+        subject = "MindLogger"
+
         if content_source == MindloggerContentSource.admin:
             # Change to admin frontend if the request came from there
             frontend_base = settings.service.urls.frontend.admin_base
+            password_recovery_page = settings.service.urls.frontend.admin_password_recovery_send
+            subject = "MindLogger Admin"
 
         url = (
             f"https://{frontend_base}"
-            f"/{settings.service.urls.frontend.password_recovery_send}"
+            f"/{password_recovery_page}"
             f"?key={password_recovery_info.key}"
             f"&email="
             f"{urllib.parse.quote(user.email_encrypted)}"
         )
 
         message = MessageSchema(
             recipients=[user.email_encrypted],
-            subject="Girder for MindLogger (development instance): " "Temporary access",
+            subject=subject,
             body=service.get_template(
                 path="reset_password_en",
                 email=user.email_encrypted,

diff --git a/src/apps/users/tests/test_password.py b/src/apps/users/tests/test_password.py
@@ -65,7 +65,7 @@ async def test_password_update(self, mock_reencrypt_kiq: AsyncMock, client: Test
         assert internal_response.status_code == status.HTTP_200_OK
         mock_reencrypt_kiq.assert_awaited_once()
 
-    async def test_password_recovery(self, client: TestClient, user_create: UserCreate):
+    async def test_password_recovery_web(self, client: TestClient, user_create: UserCreate):
         # Password recovery
         password_recovery_request: PasswordRecoveryRequest = PasswordRecoveryRequest(email=user_create.dict()["email"])
 
@@ -82,7 +82,7 @@ async def test_password_recovery(self, client: TestClient, user_create: UserCrea
         assert password_recovery_request.email in keys[0]
         assert len(TestMail.mails) == 1
         assert TestMail.mails[0].recipients[0] == password_recovery_request.email
-        assert TestMail.mails[0].subject == "Girder for MindLogger (development instance): Temporary access"
+        assert TestMail.mails[0].subject == "MindLogger"
 
         response = await client.post(
             url=self.password_recovery_url,
@@ -97,6 +97,39 @@ async def test_password_recovery(self, client: TestClient, user_create: UserCrea
         assert len(TestMail.mails) == 2
         assert TestMail.mails[0].recipients[0] == password_recovery_request.email
 
+    async def test_password_recovery_admin(self, client: TestClient, user_create: UserCreate):
+        # Password recovery
+        password_recovery_request: PasswordRecoveryRequest = PasswordRecoveryRequest(email=user_create.dict()["email"])
+
+        response = await client.post(
+            url=self.password_recovery_url,
+            data=password_recovery_request.dict(),
+            headers={"MindLogger-Content-Source": "admin"},
+        )
+
+        cache = RedisCache()
+
+        assert response.status_code == status.HTTP_201_CREATED
+        keys = await cache.keys(key=f"PasswordRecoveryCache:{user_create.email}*")
+        assert len(keys) == 1
+        assert password_recovery_request.email in keys[0]
+        assert len(TestMail.mails) == 3
+        assert TestMail.mails[0].recipients[0] == password_recovery_request.email
+        assert TestMail.mails[0].subject == "MindLogger Admin"
+
+        response = await client.post(
+            url=self.password_recovery_url,
+            data=password_recovery_request.dict(),
+        )
+
+        assert response.status_code == status.HTTP_201_CREATED
+
+        new_keys = await cache.keys(key=f"PasswordRecoveryCache:{user_create.email}*")
+        assert len(keys) == 1
+        assert keys[0] != new_keys[0]
+        assert len(TestMail.mails) == 4
+        assert TestMail.mails[0].recipients[0] == password_recovery_request.email
+
     async def test_password_recovery_approve(self, client: TestClient, user_create: UserCreate):
         cache = RedisCache()
 

diff --git a/src/config/service.py b/src/config/service.py
@@ -7,7 +7,8 @@ class FrontendUrlsSettings(BaseModel):
     web_base: str = "web.mindlogger.org"
     admin_base: str = "admin.frontend.com"
     invitation_send: str = "invitation"
-    password_recovery_send: str = "password-recovery"
+    web_password_recovery_send: str = "password-recovery"
+    admin_password_recovery_send: str = "auth/password-recovery"
     public_link: str = "public"
     private_link: str = "join"
     transfer_link: str = "transferOwnership"