From b56e567343364aa7d52a1615ba422726a50416ea Mon Sep 17 00:00:00 2001
From: Gilles <43683714+corp-0@users.noreply.github.com>
Date: Fri, 23 Feb 2024 01:23:37 -0300
Subject: [PATCH] fix: removes unneeded url parameter from mail confirmation endpoint (#84)
---
 src/accounts/api/urls.py | 14 ++++++++---
 src/accounts/api/views.py | 49 +++++++++++++++++++++++++++------------
 2 files changed, 45 insertions(+), 18 deletions(-)
diff --git a/src/accounts/api/urls.py b/src/accounts/api/urls.py
index c2b9f28..55eb449 100644
--- a/src/accounts/api/urls.py
+++ b/src/accounts/api/urls.py
@@ -33,8 +33,16 @@
 name="request-verification-token",
 ),
 path("verify-account", VerifyAccountView.as_view(), name="verify-account"),
- path("resend-account-confirmation", ResendAccountConfirmationView.as_view(), name="resend-account-confirmation"),
- path("confirm-account/", ConfirmAccountView.as_view(), name="confirm"),
- path("reset-password/", ResetPasswordView.as_view(), name="reset-password-token"),
+ path(
+ "resend-account-confirmation",
+ ResendAccountConfirmationView.as_view(),
+ name="resend-account-confirmation",
+ ),
+ path("confirm-account", ConfirmAccountView.as_view(), name="confirm"),
+ path(
+ "reset-password/",
+ ResetPasswordView.as_view(),
+ name="reset-password-token",
+ ),
 path("reset-password/", RequestPasswordResetView.as_view(), name="reset-password"),
 ]
diff --git a/src/accounts/api/views.py b/src/accounts/api/views.py
index bcb2d20..472692b 100644
--- a/src/accounts/api/views.py
+++ b/src/accounts/api/views.py
@@ -55,7 +55,10 @@ def get_post_response_data(self, request, token, instance):
 user: Account = request.user
 if not user.is_confirmed:
- return ErrorResponse("You must confirm your email before attempting to login.", status.HTTP_400_BAD_REQUEST)
+ return ErrorResponse(
+ "You must confirm your email before attempting to login.",
+ status.HTTP_400_BAD_REQUEST,
+ )
 serializer = self.get_user_serializer_class()
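Review bot: In src/accounts/api/urls.py the `reset-password-token` route presumably still carries its token in the URL path, while this commit moves the confirmation token out of the URL. As rendered here that route and `reset-password` show the same pattern `"reset-password/"`, so a path converter looks to have been lost from the page; were the two patterns really identical, Django would always match the first and `RequestPasswordResetView` would be unreachable. A secret in the path is recorded in access and proxy logs and in browser history, so it would be worth a follow-up noted above the route, e.g. `# TODO: read the reset token from the request body, as confirm-account now does`.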
@@ -90,10 +93,16 @@ def post(self, request):
 account: Account | None = authenticate(email=email, password=password) # type: ignore[assignment]
 if account is None:
- return ErrorResponse("Unable to login with provided credentials.", status.HTTP_401_UNAUTHORIZED)
+ return ErrorResponse(
+ "Unable to login with provided credentials.",
+ status.HTTP_401_UNAUTHORIZED,
+ )
 if not account.is_confirmed:
- return ErrorResponse("You must confirm your email before attempting to login.", status.HTTP_401_UNAUTHORIZED)
+ return ErrorResponse(
+ "You must confirm your email before attempting to login.",
+ status.HTTP_401_UNAUTHORIZED,
+ )
 if not account.is_active:
 return ErrorResponse("Account is suspended.", status.HTTP_401_UNAUTHORIZED)
@@ -210,10 +219,16 @@ def post(self, request):
 try:
 account = Account.objects.get(unique_identifier=serializer.validated_data["unique_identifier"])
 except Account.DoesNotExist:
- return ErrorResponse("Either token or unique_identifier are invalid.", status.HTTP_400_BAD_REQUEST)
+ return ErrorResponse(
+ "Either token or unique_identifier are invalid.",
+ status.HTTP_400_BAD_REQUEST,
+ )
 if account.verification_token != serializer.validated_data["verification_token"]:
- return ErrorResponse("Either token or unique_identifier are invalid.", status.HTTP_400_BAD_REQUEST)
+ return ErrorResponse(
+ "Either token or unique_identifier are invalid.",
+ status.HTTP_400_BAD_REQUEST,
+ )
 public_data = PublicAccountDataSerializer(account).data
@@ -272,7 +287,8 @@ def post(self, request):
 account = Account.objects.get(email=serializer.validated_data["email"])
 except Account.DoesNotExist:
 logger.warning(
- "Attempted to reset password for non-existing account: %s", serializer.validated_data["email"]
+ "Attempted to reset password for non-existing account: %s",
+ serializer.validated_data["email"],
 )
 return Response(status=status.HTTP_200_OK)
@@ -301,14 +317,11 @@ class ConfirmAccountView(GenericAPIView):
 permission_classes = (AllowAny,)
 serializer_class = ConfirmAccountSerializer
- def post(self, request, confirm_token):
- serializer = self.serializer_class(data={"token": confirm_token})
- print(serializer)
+ def post(self, request):
+ serializer = self.serializer_class(data={request.data})
- try:
- serializer.is_valid(raise_exception=True)
- except ValidationError as e:
- return ErrorResponse(str(e), e.status_code)
+ if not serializer.is_valid():
+ return ErrorResponse(serializer.errors, status.HTTP_400_BAD_REQUEST)
 account_confirmation = AccountConfirmation.objects.get(token=serializer.validated_data["token"])
 account = account_confirmation.account
@@ -338,11 +351,17 @@ def post(self, request, *args, **kwargs):
 try:
 account = Account.objects.get(email=email)
 except Account.DoesNotExist:
- logger.warning("Attempted to resend confirmation mail for non-existing account: %s", email)
+ logger.warning(
+ "Attempted to resend confirmation mail for non-existing account: %s",
+ email,
+ )
 return Response(status=status.HTTP_200_OK)
 if account.is_confirmed:
- logger.warning("Attempted to resend confirmation mail for already confirmed account: %s", email)
+ logger.warning(
+ "Attempted to resend confirmation mail for already confirmed account: %s",
+ email,
+ )
 return Response(status=status.HTTP_200_OK)
 account.send_confirmation_mail()
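Review bot: In `ConfirmAccountView.post`, `data={request.data}` is a set literal wrapping the payload rather than the payload itself; `request.data` is dict-like and unhashable, so this line should raise `TypeError` before validation runs and this `AllowAny` endpoint would answer every confirmation request with a 500. Pass the payload directly: `serializer = self.serializer_class(data=request.data)`. The `AccountConfirmation.objects.get(token=...)` call that follows has no `DoesNotExist` handler in view, so unless `ConfirmAccountSerializer` already verifies that the token exists, an unknown token also ends in an unhandled exception instead of a 400. `post` continues past the end of the hunk.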