Merge pull request 'fix: Give error message to users when address has already been validated' (#435) from cheerfulstoic/akkoma:develop into develop

Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/435
This commit is contained in:
floatingghost 2023-01-15 18:06:12 +00:00
commit 975bc6d7e8
2 changed files with 34 additions and 9 deletions

View file

@ -18,10 +18,21 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
action_fallback(:errors) action_fallback(:errors)
def confirm_email(conn, %{"user_id" => uid, "token" => token}) do def confirm_email(conn, %{"user_id" => uid, "token" => token}) do
with %User{} = user <- User.get_cached_by_id(uid), case User.get_cached_by_id(uid) do
true <- user.local and !user.is_confirmed and user.confirmation_token == token, %User{local: true, is_confirmed: false, confirmation_token: ^token} = user ->
{:ok, _} <- User.confirm(user) do case User.confirm(user) do
{:ok, _} ->
redirect(conn, to: "/") redirect(conn, to: "/")
{:error, _} ->
json_reply(conn, 400, "Unable to confirm")
end
%User{is_confirmed: true} ->
json_reply(conn, 400, "Already verified email")
_ ->
json_reply(conn, 400, "Couldn't verify email")
end end
end end

View file

@ -38,16 +38,30 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
refute user.confirmation_token refute user.confirmation_token
end end
test "it returns 500 if user cannot be found by id", %{conn: conn, user: user} do test "confirmation is requested twice", %{conn: conn, user: user} do
conn = get(conn, "/api/account/confirm_email/0/#{user.confirmation_token}") conn = get(conn, "/api/account/confirm_email/#{user.id}/#{user.confirmation_token}")
assert 302 == conn.status
assert 500 == conn.status conn = get(conn, "/api/account/confirm_email/#{user.id}/#{user.confirmation_token}")
assert 400 == conn.status
assert "Already verified email" == conn.resp_body
user = User.get_cached_by_id(user.id)
assert user.is_confirmed
refute user.confirmation_token
end end
test "it returns 500 if token is invalid", %{conn: conn, user: user} do test "it returns 400 if user cannot be found by id", %{conn: conn, user: user} do
conn = get(conn, "/api/account/confirm_email/0/#{user.confirmation_token}")
assert 400 == conn.status
end
test "it returns 400 if token is invalid", %{conn: conn, user: user} do
conn = get(conn, "/api/account/confirm_email/#{user.id}/wrong_token") conn = get(conn, "/api/account/confirm_email/#{user.id}/wrong_token")
assert 500 == conn.status assert 400 == conn.status
end end
end end