Merge pull request #72 from ticketfrei/confirm-37
check if account already exists to avoid double use of confirmation mail
This commit is contained in:
commit
a38c2316f2
9
db.py
9
db.py
|
@ -14,7 +14,6 @@ class DB(object):
|
|||
self.conn = sqlite3.connect(dbfile)
|
||||
self.cur = self.conn.cursor()
|
||||
self.create()
|
||||
self.secret = self.get_secret()
|
||||
|
||||
def execute(self, *args, **kwargs):
|
||||
return self.cur.execute(*args, **kwargs)
|
||||
|
@ -189,7 +188,7 @@ class DB(object):
|
|||
'passhash': scrypt_mcf(
|
||||
password.encode('utf-8')
|
||||
).decode('ascii')
|
||||
}, self.secret).decode('ascii')
|
||||
}, self.get_secret()).decode('ascii')
|
||||
|
||||
def mail_subscription_token(self, email, city):
|
||||
"""
|
||||
|
@ -203,17 +202,17 @@ class DB(object):
|
|||
token = jwt.encode({
|
||||
'email': email,
|
||||
'city': city
|
||||
}, self.secret).decode('ascii')
|
||||
}, self.get_secret()).decode('ascii')
|
||||
return token
|
||||
|
||||
def confirm_subscription(self, token):
|
||||
json = jwt.decode(token, self.secret)
|
||||
json = jwt.decode(token, self.get_secret())
|
||||
return json['email'], json['city']
|
||||
|
||||
def confirm(self, token, city):
|
||||
from user import User
|
||||
try:
|
||||
json = jwt.decode(token, self.secret)
|
||||
json = jwt.decode(token, self.get_secret())
|
||||
except jwt.DecodeError:
|
||||
return None # invalid token
|
||||
if 'passhash' in json.keys():
|
||||
|
|
|
@ -56,11 +56,15 @@ def register_post():
|
|||
@get('/confirm/<city>/<token>')
|
||||
@view('template/propaganda.tpl')
|
||||
def confirm(city, token):
|
||||
# check whether city already exists
|
||||
if db.by_city(city):
|
||||
return dict(error='This Account was already confirmed, please try '
|
||||
'signing in.')
|
||||
# create db-entry
|
||||
if db.confirm(token, city):
|
||||
# :todo show info "Account creation successful."
|
||||
redirect('/settings')
|
||||
return dict(error='Email confirmation failed.')
|
||||
return dict(error='Account creation failed. Please try to register again.')
|
||||
|
||||
|
||||
@post('/login')
|
||||
|
|
Loading…
Reference in a new issue