From e0c7a3deb20ce3033bd63d30ac742ffac3b415e3 Mon Sep 17 00:00:00 2001 From: Matt Wright Date: Wed, 6 Jun 2012 17:51:14 -0400 Subject: [PATCH] Fix #10 --- flask_security/confirmable.py | 7 +++++-- tests/functional_tests.py | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/flask_security/confirmable.py b/flask_security/confirmable.py index 9c1a849..992c8dc 100644 --- a/flask_security/confirmable.py +++ b/flask_security/confirmable.py @@ -76,12 +76,15 @@ def confirm_by_token(token): except UserNotFoundError: raise ConfirmationError('Invalid confirmation token') + if user.confirmed_at: + raise ConfirmationError('Account has already been confirmed') + if confirmation_token_is_expired(user): raise TokenExpiredError(message='Confirmation token is expired', user=user) - user.confirmation_token = None - user.confirmation_sent_at = None + #user.confirmation_token = None + #user.confirmation_sent_at = None user.confirmed_at = datetime.utcnow() security.datastore._save_model(user) diff --git a/tests/functional_tests.py b/tests/functional_tests.py index 059d842..e80f6ae 100644 --- a/tests/functional_tests.py +++ b/tests/functional_tests.py @@ -186,7 +186,7 @@ class ConfirmableTests(SecurityTest): self.client.get('/confirm?confirmation_token=' + token, follow_redirects=True) r = self.client.get('/confirm?confirmation_token=' + token, follow_redirects=True) - self.assertIn('Invalid confirmation token', r.data) + self.assertIn('Account has already been confirmed', r.data) def test_unprovided_token_when_confirming_email(self): r = self.client.get('/confirm', follow_redirects=True)