diff --git a/.env.development b/.env.development index 845a467c19..f7747eb062 100644 --- a/.env.development +++ b/.env.development @@ -1,3 +1,5 @@ +CANONICAL_HOSTNAME=localhost:3000 + DFE_SIGN_IN_ISSUER=https://pp-oidc.signin.education.gov.uk:443 DFE_SIGN_IN_REDIRECT_BASE_URL=https://localhost:3000 DFE_SIGN_IN_IDENTIFIER=teacherpayments diff --git a/.env.test b/.env.test index 080855ba55..a940a7ea8a 100644 --- a/.env.test +++ b/.env.test @@ -1,3 +1,5 @@ +CANONICAL_HOSTNAME=www.example.com + DFE_SIGN_IN_API_CLIENT_ID=teacherpayments DFE_SIGN_IN_API_SECRET=secret DFE_SIGN_IN_API_ENDPOINT=https://example.com diff --git a/app/controllers/claims_controller.rb b/app/controllers/claims_controller.rb index aa448dc0c3..e716e99d71 100644 --- a/app/controllers/claims_controller.rb +++ b/app/controllers/claims_controller.rb @@ -85,7 +85,7 @@ def check_page_is_in_sequence def handle_magic_link otp = OneTimePassword::Validator.new(params[:code], answers.sent_one_time_password_at) - if otp.valid? + if otp.valid? # && EligibleEyProvider.eligible_email?(journey_session.answers.email_address) # TODO eligible check once model merged: https://github.com/DFE-Digital/claim-additional-payments-for-teaching/pull/3050 journey_session.answers.assign_attributes(email_verified: true) journey_session.save! session[:slugs] << page_sequence.next_required_slug diff --git a/app/mailers/claim_mailer.rb b/app/mailers/claim_mailer.rb index e94392d043..6b7b6d4b3e 100644 --- a/app/mailers/claim_mailer.rb +++ b/app/mailers/claim_mailer.rb @@ -74,11 +74,9 @@ def email_verification(claim, one_time_password) def early_years_payment_provider_email(claim, one_time_password) unknown_policy_check(claim) set_common_instance_variables(claim) - @subject = @claim_subject - @one_time_password = one_time_password + @magic_link = early_years_payment_provider_magic_link(one_time_password) personalisation = { - email_subject: @subject, - one_time_password: @one_time_password + magic_link: @magic_link } send_mail(template_ids(claim)[:CLAIM_PROVIDER_EMAIL_TEMPLATE_ID], personalisation) @@ -120,4 +118,9 @@ def unknown_policy_check(claim) ].include?(claim.policy) raise ArgumentError, "Unknown claim policy: #{claim.policy}" end + + def early_years_payment_provider_magic_link(one_time_password) + slug = Journeys::PageSequence::EARLY_YEARS_PAYMENT_PROVIDER_EMAIL_SLUG + "https://#{ENV["CANONICAL_HOSTNAME"]}/#{Journeys::EarlyYearsPayment::Provider::ROUTING_NAME}/#{slug}?code=#{one_time_password}" + end end diff --git a/app/models/journeys/early_years_payment/provider/slug_sequence.rb b/app/models/journeys/early_years_payment/provider/slug_sequence.rb index 2ed37b5570..60a961a841 100644 --- a/app/models/journeys/early_years_payment/provider/slug_sequence.rb +++ b/app/models/journeys/early_years_payment/provider/slug_sequence.rb @@ -9,6 +9,8 @@ class SlugSequence current-nursery ].freeze + MAGIC_LINK_SLUG = "consent" + def self.start_page_url Rails.application.routes.url_helpers.landing_page_path("early-years-payment-provider") end @@ -24,6 +26,10 @@ def initialize(journey_session) def slugs SLUGS end + + def magic_link?(slug) + slug == MAGIC_LINK_SLUG + end end end end diff --git a/app/models/journeys/page_sequence.rb b/app/models/journeys/page_sequence.rb index 33701c161b..af5ee7b9ff 100644 --- a/app/models/journeys/page_sequence.rb +++ b/app/models/journeys/page_sequence.rb @@ -5,9 +5,9 @@ module Journeys class PageSequence attr_reader :current_slug + EARLY_YEARS_PAYMENT_PROVIDER_EMAIL_SLUG = "consent" DEAD_END_SLUGS = %w[complete existing-session eligible-later future-eligibility ineligible] OPTIONAL_SLUGS = %w[postcode-search select-home-address reset-claim] - MAGIC_LINK_SLUGS = %w[consent] def initialize(slug_sequence, completed_slugs, current_slug, journey_session) @current_slug = current_slug @@ -63,7 +63,7 @@ def next_required_slug end def magic_link? - MAGIC_LINK_SLUGS.include?(current_slug) + @slug_sequence.respond_to?(:magic_link?) && @slug_sequence.magic_link?(current_slug) end private diff --git a/spec/features/early_years_payment/provider/happy_path_spec.rb b/spec/features/early_years_payment/provider/happy_path_spec.rb index 2a29b49c72..5c5ed7e166 100644 --- a/spec/features/early_years_payment/provider/happy_path_spec.rb +++ b/spec/features/early_years_payment/provider/happy_path_spec.rb @@ -3,7 +3,7 @@ RSpec.feature "Early years payment provider" do let(:journey_session) { Journeys::EarlyYearsPayment::Provider::Session.last } let(:mail) { ActionMailer::Base.deliveries.last } - let(:otp) { mail[:personalisation].unparsed_value[:one_time_password] } + let(:magic_link) { mail[:personalisation].unparsed_value[:magic_link] } scenario "happy path claim" do when_early_years_payment_provider_journey_configuration_exists @@ -24,9 +24,9 @@ expect(page).to have_content("We have sent an email to johndoe@example.com") expect(mail.to).to eq ["johndoe@example.com"] - expect(otp).to match(/\A\d{6}\Z/) + expect(magic_link).to match(/\?code=\d{6}\Z/) - visit claim_path(Journeys::EarlyYearsPayment::Provider::ROUTING_NAME, :consent, code: otp) + visit magic_link expect(journey_session.reload.answers.email_verified).to be true expect(page).to have_content("Declaration of Employee Consent") check "I confirm that I have obtained consent from my employee and have provided them with the relevant privacy notice." diff --git a/spec/forms/journeys/early_years_payment/provider/email_address_form_spec.rb b/spec/forms/journeys/early_years_payment/provider/email_address_form_spec.rb index 0957949e5f..245c07ddc4 100644 --- a/spec/forms/journeys/early_years_payment/provider/email_address_form_spec.rb +++ b/spec/forms/journeys/early_years_payment/provider/email_address_form_spec.rb @@ -31,7 +31,6 @@ let(:policy) { journey_session.answers.policy } let(:claim_subject) { I18n.t("#{policy.locale_key}.claim_subject") } - let(:email_subject) { claim_subject } it { should be_truthy } @@ -47,8 +46,7 @@ expect(email_address).to have_received_email( "e0b78a08-601b-40ba-a97f-61fb00a7c951", - email_subject: email_subject, - one_time_password: "111111" + magic_link: "https://www.example.com/early-years-payment-provider/consent?code=111111" ) end diff --git a/spec/mailers/claim_mailer_spec.rb b/spec/mailers/claim_mailer_spec.rb index 9fb91aa117..69f1fb7ae9 100644 --- a/spec/mailers/claim_mailer_spec.rb +++ b/spec/mailers/claim_mailer_spec.rb @@ -352,9 +352,8 @@ class SomePolicy; end before { create(:journey_configuration, :early_years_payment_provider) } - it "has personalisation keys for: one time password" do - # TODO find correct email subject. Is subject used? or overriden on notify template? - expect(mail[:personalisation].decoded).to eq("{:email_subject=>\"Early Years Payment\", :one_time_password=>123124}") + it "has personalisation keys for: magic link" do + expect(mail[:personalisation].decoded).to eq("{:magic_link=>\"https://#{ENV["CANONICAL_HOSTNAME"]}/early-years-payment-provider/consent?code=123124\"}") expect(mail.body).to be_empty end end