PrivateCoffee/synapse-registration
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Handle missing registration token gracefully

Browse source 
Replaces the use of get_object_or_404 with a try-except block
to specifically catch UserRegistration.DoesNotExist. Returns
a 403 Forbidden response with a dedicated registration
forbidden template for invalid tokens.

Improves user experience by providing a clearer error
message when the registration token is missing or
invalid.
This commit is contained in:
Kumi 2024-11-16 21:19:40 +01:00
parent b34379b34e
commit 45425e650a
Signed by: kumi
GPG key ID: ECBCC9082395383F
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/synapse_registration/registration/views.py
View file

@ -78,7 +78,10 @@ class EmailInputView(FormView):
class VerifyEmailView(View): class VerifyEmailView(View):
def get(self, request, token): def get(self, request, token):
registration = get_object_or_404(UserRegistration, token=token) try:
registration = UserRegistration.objects.get(token=token)
except UserRegistration.DoesNotExist:
return render(request, "registration/registration_forbidden.html", status=403)
if registration.status != UserRegistration.STATUS_STARTED: if registration.status != UserRegistration.STATUS_STARTED:
return render(request, "registration/registration_forbidden.html", status=403) return render(request, "registration/registration_forbidden.html", status=403)