LG-7088: Add tracking for forgot password email confirmed event

app/controllers/users/reset_passwords_controller.rb

@@ -22,6 +22,10 @@ def edit
       result = PasswordResetTokenValidator.new(token_user).submit
 
       analytics.password_reset_token(**result.to_h)
+      irs_attempts_api_tracker.forgot_password_email_confirmed(
+        success: result.success?,
+        failure_reason: result.errors,
+      )
 
       if result.success?
         @reset_password_form = ResetPasswordForm.new(build_user)

app/services/irs_attempts_api/tracker_events.rb

@@ -11,6 +11,16 @@ def email_and_password_auth(email:, success:)
       )
     end
 
+    # @param [Boolean] success
+    # @param [Hash<Symbol,Array<Symbol>>] failure_reason
+    def forgot_password_email_confirmed(success:, failure_reason: nil)
+      track_event(
+        :forgot_password_email_confirmed,
+        success: success,
+        failure_reason: failure_reason,
+      )
+    end
+
     # @param [Boolean] success True if the email and password matched
     # A user has initiated a logout event
     def logout_initiated(success:)

spec/controllers/users/reset_passwords_controller_spec.rb

@@ -8,7 +8,9 @@
     context 'no user matches token' do
       it 'redirects to page where user enters email for password reset token' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         get :edit, params: { reset_password_token: 'foo' }
 
@@ -21,6 +23,11 @@
 
         expect(@analytics).to have_received(:track_event).
           with('Password Reset: Token Submitted', analytics_hash)
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_email_confirmed,
+          success: false,
+          failure_reason: { user: ['invalid_token'] },
+        )
 
         expect(response).to redirect_to new_user_password_path
         expect(flash[:error]).to eq t('devise.passwords.invalid_token')
@@ -30,7 +37,9 @@
     context 'token expired' do
       it 'redirects to page where user enters email for password reset token' do
         stub_analytics
+        stub_attempts_tracker
         allow(@analytics).to receive(:track_event)
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         user = instance_double('User', uuid: '123')
         allow(User).to receive(:with_reset_password_token).with('foo').and_return(user)
@@ -47,7 +56,11 @@
 
         expect(@analytics).to have_received(:track_event).
           with('Password Reset: Token Submitted', analytics_hash)
-
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_email_confirmed,
+          success: false,
+          failure_reason: { user: ['token_expired'] },
+        )
         expect(response).to redirect_to new_user_password_path
         expect(flash[:error]).to eq t('devise.passwords.token_expired')
       end
@@ -58,6 +71,8 @@
 
       it 'displays the form to enter a new password and disallows indexing' do
         stub_analytics
+        stub_attempts_tracker
+        allow(@irs_attempts_api_tracker).to receive(:track_event)
 
         user = instance_double('User', uuid: '123')
         email_address = instance_double('EmailAddress')
@@ -75,6 +90,11 @@
         expect(response).to render_template :edit
         expect(flash.keys).to be_empty
         expect(response.body).to match('<meta content="noindex,nofollow" name="robots" />')
+        expect(@irs_attempts_api_tracker).to have_received(:track_event).with(
+          :forgot_password_email_confirmed,
+          success: true,
+          failure_reason: {},
+        )
       end
     end
   end