Главная Обзор Помощь
Вход
SMusatov
/
sentry
зеркало из https://github.com/getsentry/sentry
1
0
Ответвить 0
Файлы
Просмотр исходного кода

fix: redirect to login when confirming email if user is not authenticated (#64818)

Fixes an issue where users receive an error when trying to confirm their
emails if they are not already logged in. This redirects the user to
login and then to the email confirmation.
Matthew T 1 год назад
Родитель
6634a02b0c
Сommit
e031a56bc2
2 измененных файлов с 19 добавлено и 1 удалено
Разделённый вид Показать статистику Diff
  1. 2 1
      src/sentry/web/frontend/accounts.py
  2. 17 0
      tests/sentry/web/frontend/test_accounts.py

+ 2 - 1
src/sentry/web/frontend/accounts.py
Просмотреть файл 

@@ -241,6 +241,7 @@ def start_confirm_email(request):
 
 
 
 @set_referrer_policy("strict-origin-when-cross-origin")
 
+@login_required
 
 @control_silo_function
 
 def confirm_email(request, user_id, hash):
 
     msg = _("Thanks for confirming your email")
 
@@ -261,7 +262,7 @@ def confirm_email(request, user_id, hash):
 
     else:
 
         email.is_verified = True
 
         email.validation_hash = ""
 
-        email.save()
 
+        email.save(update_fields=["is_verified", "validation_hash"])
 
         email_verified.send(email=email.email, sender=email)
 
         logger.info(
 
             "user.email.confirm",

+ 17 - 0
tests/sentry/web/frontend/test_accounts.py
Просмотреть файл 

@@ -357,3 +357,20 @@ class TestAccounts(TestCase):
 
             messages[0].message
 
             == "There was an error confirming your email. Please try again or visit your Account Settings to resend the verification email."
 
         )
 
+
 
+    def test_confirm_email_unauthenticated(self):
 
+        useremail = UserEmail(user=self.user, email="new@example.com")
 
+        useremail.save()
 
+
 
+        assert not useremail.is_verified
 
+
 
+        url = reverse(
 
+            "sentry-account-confirm-email",
 
+            kwargs={"user_id": self.user.id, "hash": useremail.validation_hash},
 
+        )
 
+
 
+        resp = self.client.get(url)
 
+
 
+        assert resp.status_code == 302
 
+        assert resp.headers["location"] == "/auth/login/"
 
+        assert self.client.session["_next"] == url