From ed8082868fe918ddcf62cd26edb5103814f898bd Mon Sep 17 00:00:00 2001 From: Matt Wright Date: Thu, 12 Jul 2012 14:40:20 -0400 Subject: [PATCH] Simplify exceptions --- flask_security/confirmable.py | 11 ++++---- flask_security/exceptions.py | 6 ----- flask_security/recoverable.py | 12 ++++----- flask_security/views.py | 49 ++++++++++++++--------------------- 4 files changed, 31 insertions(+), 47 deletions(-) diff --git a/flask_security/confirmable.py b/flask_security/confirmable.py index 05d0d3a..4ef33bd 100644 --- a/flask_security/confirmable.py +++ b/flask_security/confirmable.py @@ -15,7 +15,7 @@ from itsdangerous import BadSignature, SignatureExpired from flask import current_app as app, request, url_for from werkzeug.local import LocalProxy -from .exceptions import UserNotFoundError, ConfirmationError, TokenExpiredError +from .exceptions import UserNotFoundError, ConfirmationError from .utils import send_mail, get_max_age, md5 from .signals import user_confirmed, confirm_instructions_sent @@ -96,16 +96,17 @@ def confirm_by_token(token): return user - except UserNotFoundError: - raise ConfirmationError('Invalid confirmation token') - except SignatureExpired: sig_okay, data = serializer.loads_unsafe(token) - raise TokenExpiredError(user=_datastore.find_user(id=data[0])) + raise ConfirmationError('Confirmation token expired', + user=_datastore.find_user(id=data[0])) except BadSignature: raise ConfirmationError('Invalid confirmation token') + except UserNotFoundError: + raise ConfirmationError('Invalid confirmation token') + def reset_confirmation_token(user): """Resets the specified user's confirmation token and sends the user diff --git a/flask_security/exceptions.py b/flask_security/exceptions.py index a060d8e..8e504b7 100644 --- a/flask_security/exceptions.py +++ b/flask_security/exceptions.py @@ -66,12 +66,6 @@ class ConfirmationError(SecurityError): """ -class TokenExpiredError(SecurityError): - """Raised when a user attempts to confirm their email but their token - has expired - """ - - class ConfirmationRequiredError(SecurityError): """Raised when a user attempts to login but requires confirmation """ diff --git a/flask_security/recoverable.py b/flask_security/recoverable.py index ee2144d..0cb70b0 100644 --- a/flask_security/recoverable.py +++ b/flask_security/recoverable.py @@ -13,8 +13,7 @@ from itsdangerous import BadSignature, SignatureExpired from flask import current_app as app, request, url_for from werkzeug.local import LocalProxy -from .exceptions import ResetPasswordError, UserNotFoundError, \ - TokenExpiredError +from .exceptions import ResetPasswordError, UserNotFoundError from .signals import password_reset, password_reset_requested, \ reset_instructions_sent from .utils import send_mail, get_max_age, md5 @@ -95,16 +94,17 @@ def reset_by_token(token, password): return user - except UserNotFoundError: - raise ResetPasswordError('Invalid reset password token') - except SignatureExpired: sig_okay, data = serializer.loads_unsafe(token) - raise TokenExpiredError(user=_datastore.find_user(id=data[0])) + raise ResetPasswordError('Password reset token expired', + user=_datastore.find_user(id=data[0])) except BadSignature: raise ResetPasswordError('Invalid reset password token') + except UserNotFoundError: + raise ResetPasswordError('Invalid reset password token') + def reset_password_reset_token(user): """Resets the specified user's reset password token and sends the user diff --git a/flask_security/views.py b/flask_security/views.py index a456727..690a50b 100644 --- a/flask_security/views.py +++ b/flask_security/views.py @@ -19,8 +19,8 @@ from werkzeug.datastructures import MultiDict from werkzeug.local import LocalProxy from .confirmable import confirm_by_token, reset_confirmation_token -from .exceptions import TokenExpiredError, ConfirmationError, \ - BadCredentialsError, ResetPasswordError +from .exceptions import ConfirmationError, BadCredentialsError, \ + ResetPasswordError from .forms import LoginForm, RegisterForm, ForgotPasswordForm, \ ResetPasswordForm, ResendConfirmationForm from .recoverable import reset_by_token, \ @@ -194,40 +194,28 @@ def send_confirmation(): def confirm_account(token): """View function which handles a account confirmation request.""" - error = False - try: user = confirm_by_token(token) + _logger.debug('%s confirmed their account' % user) except ConfirmationError, e: - error = True + msg = str(e) - _logger.debug('Confirmation error: ' + str(e)) + _logger.debug('Confirmation error: ' + msg) - do_flash(str(e), 'error') - - except TokenExpiredError, e: - error = True - - reset_confirmation_token(e.user) - - msg = 'You did not confirm your email within %s. ' \ - 'A new confirmation code has been sent to %s' % ( - _security.confirm_email_within, e.user.email) - - _logger.debug('Attempted account confirmation but token was expired') + if e.user: + reset_confirmation_token(e.user) + msg = ('You did not confirm your email within %s. ' + 'A new confirmation code has been sent to %s' % ( + _security.confirm_email_within, e.user.email)) do_flash(msg, 'error') - if error: return redirect(get_url(_security.confirm_error_view)) - _logger.debug('User %s confirmed' % user) - do_flash('Your email has been confirmed. You may now log in.', 'success') - return redirect(_security.post_confirm_view or - _security.post_login_view) + return redirect(_security.post_confirm_view or _security.post_login_view) def forgot_password(): @@ -265,18 +253,19 @@ def reset_password(token): if form.validate_on_submit(): try: - reset_by_token(token=token, **form.to_dict()) + user = reset_by_token(token=token, **form.to_dict()) + _logger.debug('%s reset their password' % user) except ResetPasswordError, e: - _logger.debug('Password reset error: ' + str(e)) + msg = str(e) - do_flash(str(e), 'error') + _logger.debug('Password reset error: ' + msg) - except TokenExpiredError, e: - _logger.debug('Attempted password reset but token was expired') + if e.user: + msg = ('You did not reset your password within ' + '%s.' % _security.reset_password_within) - do_flash('You did not reset your password within ' - '%s.' % _security.reset_password_within) + do_flash(msg, 'error') return render_template('security/passwords/edit.html', reset_password_form=form,