Revert "feat: email register refactor" (#25367)

2026-01-08 07:14:14 +00:00 · 2025-09-08 19:20:09 +08:00
parent 598ec07c91
commit ea61420441
34 changed files with 79 additions and 1916 deletions
--- a/api/tests/integration_tests/.env.example
+++ b/api/tests/integration_tests/.env.example
@@ -203,7 +203,6 @@ ENDPOINT_URL_TEMPLATE=http://localhost:5002/e/{hook_id}

 # Reset password token expiry minutes
 RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
-EMAIL_REGISTER_TOKEN_EXPIRY_MINUTES=5
 CHANGE_EMAIL_TOKEN_EXPIRY_MINUTES=5
 OWNER_TRANSFER_TOKEN_EXPIRY_MINUTES=5

--- a/api/tests/test_containers_integration_tests/services/test_account_service.py
+++ b/api/tests/test_containers_integration_tests/services/test_account_service.py
@@ -13,6 +13,7 @@ from services.account_service import AccountService, RegisterService, TenantServ
 from services.errors.account import (
    AccountAlreadyInTenantError,
    AccountLoginError,
+    AccountNotFoundError,
    AccountPasswordError,
    AccountRegisterError,
    CurrentPasswordIncorrectError,
@@ -138,7 +139,7 @@ class TestAccountService:
        fake = Faker()
        email = fake.email()
        password = fake.password(length=12)
-        with pytest.raises(AccountPasswordError):
+        with pytest.raises(AccountNotFoundError):
            AccountService.authenticate(email, password)

    def test_authenticate_banned_account(self, db_session_with_containers, mock_external_service_dependencies):
--- a/api/tests/unit_tests/controllers/console/auth/test_authentication_security.py
+++ b/api/tests/unit_tests/controllers/console/auth/test_authentication_security.py
@@ -9,6 +9,7 @@ from flask_restx import Api
 import services.errors.account
 from controllers.console.auth.error import AuthenticationFailedError
 from controllers.console.auth.login import LoginApi
+from controllers.console.error import AccountNotFound


 class TestAuthenticationSecurity:
@@ -26,33 +27,31 @@ class TestAuthenticationSecurity:
    @patch("controllers.console.auth.login.FeatureService.get_system_features")
    @patch("controllers.console.auth.login.AccountService.is_login_error_rate_limit")
    @patch("controllers.console.auth.login.AccountService.authenticate")
-    @patch("controllers.console.auth.login.AccountService.add_login_error_rate_limit")
+    @patch("controllers.console.auth.login.AccountService.send_reset_password_email")
    @patch("controllers.console.auth.login.dify_config.BILLING_ENABLED", False)
    @patch("controllers.console.auth.login.RegisterService.get_invitation_if_token_valid")
    def test_login_invalid_email_with_registration_allowed(
-        self, mock_get_invitation, mock_add_rate_limit, mock_authenticate, mock_is_rate_limit, mock_features, mock_db
+        self, mock_get_invitation, mock_send_email, mock_authenticate, mock_is_rate_limit, mock_features, mock_db
    ):
-        """Test that invalid email raises AuthenticationFailedError when account not found."""
+        """Test that invalid email sends reset password email when registration is allowed."""
        # Arrange
        mock_is_rate_limit.return_value = False
        mock_get_invitation.return_value = None
-        mock_authenticate.side_effect = services.errors.account.AccountPasswordError("Invalid email or password.")
+        mock_authenticate.side_effect = services.errors.account.AccountNotFoundError("Account not found")
        mock_db.session.query.return_value.first.return_value = MagicMock()  # Mock setup exists
        mock_features.return_value.is_allow_register = True
+        mock_send_email.return_value = "token123"

        # Act
        with self.app.test_request_context(
            "/login", method="POST", json={"email": "nonexistent@example.com", "password": "WrongPass123!"}
        ):
            login_api = LoginApi()
+            result = login_api.post()

-            # Assert
-            with pytest.raises(AuthenticationFailedError) as exc_info:
-                login_api.post()
-
-        assert exc_info.value.error_code == "authentication_failed"
-        assert exc_info.value.description == "Invalid email or password."
-        mock_add_rate_limit.assert_called_once_with("nonexistent@example.com")
+        # Assert
+        assert result == {"result": "fail", "data": "token123", "code": "account_not_found"}
+        mock_send_email.assert_called_once_with(email="nonexistent@example.com", language="en-US")

    @patch("controllers.console.wraps.db")
    @patch("controllers.console.auth.login.AccountService.is_login_error_rate_limit")
@@ -88,17 +87,16 @@ class TestAuthenticationSecurity:
    @patch("controllers.console.auth.login.FeatureService.get_system_features")
    @patch("controllers.console.auth.login.AccountService.is_login_error_rate_limit")
    @patch("controllers.console.auth.login.AccountService.authenticate")
-    @patch("controllers.console.auth.login.AccountService.add_login_error_rate_limit")
    @patch("controllers.console.auth.login.dify_config.BILLING_ENABLED", False)
    @patch("controllers.console.auth.login.RegisterService.get_invitation_if_token_valid")
    def test_login_invalid_email_with_registration_disabled(
-        self, mock_get_invitation, mock_add_rate_limit, mock_authenticate, mock_is_rate_limit, mock_features, mock_db
+        self, mock_get_invitation, mock_authenticate, mock_is_rate_limit, mock_features, mock_db
    ):
-        """Test that invalid email raises AuthenticationFailedError when account not found."""
+        """Test that invalid email raises AccountNotFound when registration is disabled."""
        # Arrange
        mock_is_rate_limit.return_value = False
        mock_get_invitation.return_value = None
-        mock_authenticate.side_effect = services.errors.account.AccountPasswordError("Invalid email or password.")
+        mock_authenticate.side_effect = services.errors.account.AccountNotFoundError("Account not found")
        mock_db.session.query.return_value.first.return_value = MagicMock()  # Mock setup exists
        mock_features.return_value.is_allow_register = False

@@ -109,12 +107,10 @@ class TestAuthenticationSecurity:
            login_api = LoginApi()

            # Assert
-            with pytest.raises(AuthenticationFailedError) as exc_info:
+            with pytest.raises(AccountNotFound) as exc_info:
                login_api.post()

-        assert exc_info.value.error_code == "authentication_failed"
-        assert exc_info.value.description == "Invalid email or password."
-        mock_add_rate_limit.assert_called_once_with("nonexistent@example.com")
+        assert exc_info.value.error_code == "account_not_found"

    @patch("controllers.console.wraps.db")
    @patch("controllers.console.auth.login.FeatureService.get_system_features")
--- a/api/tests/unit_tests/services/test_account_service.py
+++ b/api/tests/unit_tests/services/test_account_service.py
@@ -10,6 +10,7 @@ from services.account_service import AccountService, RegisterService, TenantServ
 from services.errors.account import (
    AccountAlreadyInTenantError,
    AccountLoginError,
+    AccountNotFoundError,
    AccountPasswordError,
    AccountRegisterError,
    CurrentPasswordIncorrectError,
@@ -194,7 +195,7 @@ class TestAccountService:

        # Execute test and verify exception
        self._assert_exception_raised(
-            AccountPasswordError, AccountService.authenticate, "notfound@example.com", "password"
+            AccountNotFoundError, AccountService.authenticate, "notfound@example.com", "password"
        )

    def test_authenticate_account_banned(self, mock_db_dependencies):