[email] Fix email unsubscribe error handling

This commit is contained in:
Cathy Hu 2020-09-06 23:06:52 +02:00
parent 04515dfa76
commit ad4f9fb4fb
3 changed files with 27 additions and 15 deletions

View file

@ -44,8 +44,8 @@ class EmailBot(Censor):
body = (
'%s\n\n--\n'
'If you want to stop receiving these mails,'
'follow this link: %s/api/hoods/%d/email/unsubscribe/%s'
) % (message.text, config['root_url'], self.hood.id, token)
'follow this link: %s/hoods/%d/email-unsubscribe?token=%s'
) % (message.text, config['frontend_url'], self.hood.id, token)
try:
logger.debug('Trying to send: \n%s' % body)
email.send_email(

View file

@ -13,6 +13,7 @@ from kibicara.config import config
from kibicara.webapi.admin import from_token, to_token
from kibicara.webapi.hoods import get_hood, get_hood_unauthorized
from logging import getLogger
from nacl import exceptions
from ormantic.exceptions import NoMatch
from os import urandom
from pydantic import BaseModel, validator
@ -188,8 +189,8 @@ async def email_subscribe(
:return: Returns status code 200 after sending confirmation email.
"""
token = to_token(hood=hood.id, email=subscriber.email)
confirm_link = '%s/api/hoods/%d/email/subscribe/confirm/%s' % (
config['root_url'],
confirm_link = '%s/hoods/%d/email-confirm?token=%s' % (
config['frontend_url'],
hood.id,
token,
)
@ -246,6 +247,7 @@ async def email_unsubscribe(token, hood=Depends(get_hood_unauthorized)):
:param token: encrypted JSON token, holds subscriber email + hood.id.
:param hood: Hood the Email bot belongs to.
"""
try:
logger.warning("token is: " + token)
payload = from_token(token)
# If token.hood and url.hood are different, raise an error:
@ -255,6 +257,10 @@ async def email_unsubscribe(token, hood=Depends(get_hood_unauthorized)):
hood=payload['hood'], email=payload['email']
).get()
await subscriber.delete()
except NoMatch:
return HTTPException(status_code=status.HTTP_404_NOT_FOUND)
except exceptions.CryptoError:
return HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
@router.get(

View file

@ -22,9 +22,15 @@ def test_email_subscribe_unsubscribe(client, hood_id, receive_email):
r'(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+',
body,
)[0]
response = client.post(urlparse(confirm_url).path)
response = client.post(
'/api/hoods/%d/email/subscribe/confirm/%s'
% (hood_id, urlparse(confirm_url).query[len('token=') :])
)
assert response.status_code == status.HTTP_201_CREATED
response = client.post(urlparse(confirm_url).path)
response = client.post(
'/api/hoods/%d/email/subscribe/confirm/%s'
% (hood_id, urlparse(confirm_url).query[len('token=') :])
)
assert response.status_code == status.HTTP_409_CONFLICT
token = to_token(email=mail['to'], hood=hood_id)
response = client.delete('/api/hoods/%d/email/unsubscribe/%s' % (hood_id, token))