diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb index 943ef7e6cdf..29eb5fccbed 100644 --- a/app/controllers/users/reset_passwords_controller.rb +++ b/app/controllers/users/reset_passwords_controller.rb @@ -22,6 +22,10 @@ def edit result = PasswordResetTokenValidator.new(token_user).submit analytics.password_reset_token(**result.to_h) + irs_attempts_api_tracker.forgot_password_email_confirmed( + success: result.success?, + failure_reason: result.errors, + ) if result.success? @reset_password_form = ResetPasswordForm.new(build_user) diff --git a/app/services/irs_attempts_api/tracker_events.rb b/app/services/irs_attempts_api/tracker_events.rb index e6b06115cd0..ea471fadf11 100644 --- a/app/services/irs_attempts_api/tracker_events.rb +++ b/app/services/irs_attempts_api/tracker_events.rb @@ -11,6 +11,16 @@ def email_and_password_auth(email:, success:) ) end + # @param [Boolean] success + # @param [Hash>] failure_reason + def forgot_password_email_confirmed(success:, failure_reason: nil) + track_event( + :forgot_password_email_confirmed, + success: success, + failure_reason: failure_reason, + ) + end + # @param [Boolean] success True if the email and password matched # A user has initiated a logout event def logout_initiated(success:) diff --git a/spec/controllers/users/reset_passwords_controller_spec.rb b/spec/controllers/users/reset_passwords_controller_spec.rb index 467d5e4ae30..30bfb176108 100644 --- a/spec/controllers/users/reset_passwords_controller_spec.rb +++ b/spec/controllers/users/reset_passwords_controller_spec.rb @@ -8,7 +8,9 @@ context 'no user matches token' do it 'redirects to page where user enters email for password reset token' do stub_analytics + stub_attempts_tracker allow(@analytics).to receive(:track_event) + allow(@irs_attempts_api_tracker).to receive(:track_event) get :edit, params: { reset_password_token: 'foo' } @@ -21,6 +23,11 @@ expect(@analytics).to have_received(:track_event). with('Password Reset: Token Submitted', analytics_hash) + expect(@irs_attempts_api_tracker).to have_received(:track_event).with( + :forgot_password_email_confirmed, + success: false, + failure_reason: { user: ['invalid_token'] }, + ) expect(response).to redirect_to new_user_password_path expect(flash[:error]).to eq t('devise.passwords.invalid_token') @@ -30,7 +37,9 @@ context 'token expired' do it 'redirects to page where user enters email for password reset token' do stub_analytics + stub_attempts_tracker allow(@analytics).to receive(:track_event) + allow(@irs_attempts_api_tracker).to receive(:track_event) user = instance_double('User', uuid: '123') allow(User).to receive(:with_reset_password_token).with('foo').and_return(user) @@ -47,7 +56,11 @@ expect(@analytics).to have_received(:track_event). with('Password Reset: Token Submitted', analytics_hash) - + expect(@irs_attempts_api_tracker).to have_received(:track_event).with( + :forgot_password_email_confirmed, + success: false, + failure_reason: { user: ['token_expired'] }, + ) expect(response).to redirect_to new_user_password_path expect(flash[:error]).to eq t('devise.passwords.token_expired') end @@ -58,6 +71,8 @@ it 'displays the form to enter a new password and disallows indexing' do stub_analytics + stub_attempts_tracker + allow(@irs_attempts_api_tracker).to receive(:track_event) user = instance_double('User', uuid: '123') email_address = instance_double('EmailAddress') @@ -75,6 +90,11 @@ expect(response).to render_template :edit expect(flash.keys).to be_empty expect(response.body).to match('') + expect(@irs_attempts_api_tracker).to have_received(:track_event).with( + :forgot_password_email_confirmed, + success: true, + failure_reason: {}, + ) end end end