stages/email: don't throw 404 when token can't be found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
3f84abec2f
commit
8f7d21b692
|
@ -213,9 +213,6 @@ class FlowExecutorView(APIView):
|
|||
serializers=challenge_types(),
|
||||
resource_type_field_name="component",
|
||||
),
|
||||
404: OpenApiResponse(
|
||||
description="No Token found"
|
||||
), # This error can be raised by the email stage
|
||||
},
|
||||
request=OpenApiTypes.NONE,
|
||||
parameters=[
|
||||
|
|
|
@ -3,7 +3,6 @@ from datetime import timedelta
|
|||
|
||||
from django.contrib import messages
|
||||
from django.http import HttpRequest, HttpResponse
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.urls import reverse
|
||||
from django.utils.http import urlencode
|
||||
from django.utils.timezone import now
|
||||
|
@ -99,7 +98,10 @@ class EmailStageView(ChallengeStageView):
|
|||
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
|
||||
# Check if the user came back from the email link to verify
|
||||
if QS_KEY_TOKEN in request.session.get(SESSION_KEY_GET, {}):
|
||||
token = get_object_or_404(Token, key=request.session[SESSION_KEY_GET][QS_KEY_TOKEN])
|
||||
tokens = Token.filter_not_expired(key=request.session[SESSION_KEY_GET][QS_KEY_TOKEN])
|
||||
if not tokens.exists():
|
||||
return self.executor.stage_invalid(_("Invalid token"))
|
||||
token = tokens.first()
|
||||
self.executor.plan.context[PLAN_CONTEXT_PENDING_USER] = token.user
|
||||
token.delete()
|
||||
messages.success(request, _("Successfully verified Email."))
|
||||
|
|
|
@ -4702,8 +4702,6 @@ paths:
|
|||
schema:
|
||||
$ref: '#/components/schemas/ChallengeTypes'
|
||||
description: ''
|
||||
'404':
|
||||
description: No Token found
|
||||
'400':
|
||||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
|
|
Reference in a new issue