From 2c2e1772b23bbd42b99eeedc854f4d7b723e59d1 Mon Sep 17 00:00:00 2001 From: Navan Chauhan Date: Sun, 6 Jun 2021 15:06:02 +0530 Subject: add exceptions for confirm token and test for unverified email --- app/views/auth.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'app/views') diff --git a/app/views/auth.py b/app/views/auth.py index f2cf338..d6f02b8 100644 --- a/app/views/auth.py +++ b/app/views/auth.py @@ -5,6 +5,7 @@ from app.misc_func import flash_errors, send, send_async import flask_login from sqlalchemy.exc import IntegrityError from itsdangerous.url_safe import URLSafeSerializer +from itsdangerous.exc import BadSignature ts = URLSafeSerializer(app.config["SECRET_KEY"]) @@ -111,8 +112,9 @@ def confirm_email(): try: email = ts.loads(confirmation_token, salt="email-confirm-key",max_age=86400) except TypeError: - return render_template("message.html",message="Expired or Invalid Token") - + return render_template("message.html",message="Token not provided in URL Parameter") + except BadSignature: + return render_template("message.html",message="Bad Token Provided") user = models.User.query.filter_by(email=email).first() print(email) user.confirmation = True -- cgit v1.2.3