🐛 Fix: drops phone check (#5475)

Author: pcrespov

services/web/server/src/simcore_service_webserver/login/handlers_registration.py

@@ -348,7 +348,6 @@ async def register_phone(request: web.Request):
     settings: LoginSettingsForProduct = get_plugin_settings(
         request.app, product_name=product.name
     )
-    db: AsyncpgStorage = get_plugin_storage(request.app)
 
     if not settings.LOGIN_2FA_REQUIRED:
         raise web.HTTPServiceUnavailable(
@@ -365,12 +364,6 @@ async def register_phone(request: web.Request):
             msg = f"Messaging SID is not configured in {product}. Update product's twilio_messaging_sid in database."
             raise ValueError(msg)
 
-        if await db.get_user({"phone": registration.phone}):
-            raise web.HTTPUnauthorized(  # noqa: TRY301
-                reason="Cannot register this phone number because it is already assigned to an active user",
-                content_type=MIMETYPE_APPLICATION_JSON,
-            )
-
         code = await create_2fa_code(
             app=request.app,
             user_email=registration.email,
@@ -385,18 +378,16 @@ async def register_phone(request: web.Request):
             first_name=get_user_name_from_email(registration.email),
         )
 
-        message = MSG_2FA_CODE_SENT.format(
-            phone_number=mask_phone_number(registration.phone)
-        )
-
         return envelope_response(
             # RegisterPhoneNextPage
             data={
                 "name": CODE_2FA_CODE_REQUIRED,
                 "parameters": {
                     "retry_2fa_after": settings.LOGIN_2FA_CODE_EXPIRATION_SEC,
                 },
-                "message": message,
+                "message": MSG_2FA_CODE_SENT.format(
+                    phone_number=mask_phone_number(registration.phone)
+                ),
                 "level": "INFO",
                 "logger": "user",
             },

services/web/server/tests/unit/with_dbs/03/login/test_login_2fa.py

@@ -28,7 +28,10 @@
     get_redis_validation_code_client,
     send_email_code,
 )
-from simcore_service_webserver.login._constants import MSG_2FA_UNAVAILABLE_OEC
+from simcore_service_webserver.login._constants import (
+    CODE_2FA_CODE_REQUIRED,
+    MSG_2FA_UNAVAILABLE_OEC,
+)
 from simcore_service_webserver.login.storage import AsyncpgStorage
 from simcore_service_webserver.products.api import Product, get_current_product
 from twilio.base.exceptions import TwilioRestException
@@ -240,15 +243,17 @@ def _get_confirmation_link_from_email():
     assert user["status"] == UserStatus.ACTIVE.value
 
 
-async def test_register_phone_fails_with_used_number(
+async def test_can_register_same_phone_in_different_accounts(
     client: TestClient,
     fake_user_email: str,
     fake_user_password: str,
     fake_user_phone_number: str,
+    mocked_twilio_service: dict[str, Mock],
     cleanup_db_tables: None,
 ):
     """
-    Tests https://github.com/ITISFoundation/osparc-simcore/issues/3304
+    - Changed policy about user phone constraint in  https://github.com/ITISFoundation/osparc-simcore/pull/5460
+    - Tests https://github.com/ITISFoundation/osparc-simcore/issues/3304
     """
     assert client.app
 
@@ -290,8 +295,11 @@ async def test_register_phone_fails_with_used_number(
                 "phone": fake_user_phone_number,
             },
         )
-        _, error = await assert_status(response, status.HTTP_401_UNAUTHORIZED)
-        assert "phone" in error["message"]
+        data, error = await assert_status(response, status.HTTP_202_ACCEPTED)
+        assert data
+        assert "Code" in data["message"]
+        assert data["name"] == CODE_2FA_CODE_REQUIRED
+        assert not error
 
 
 async def test_send_email_code(