From 88070363558aa8c8f55021d8db1c410007d8854b Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 19 Jan 2023 11:51:52 +0300
Subject: auth: Fix user registration

The code checking for errors was buggy and would let empty values through. The sqlite3.IntegrityError exception was not being handled correctly, and would cause a failure in the application. This commit fixes the issues noted above.

* gn3/auth/authorisation/roles.py: fix bug in generating query params
* gn3/auth/authorisation/views.py: fix error checking code. Raise exception if email is already registered.
---
 gn3/auth/authorisation/roles.py | 4 ++--
 gn3/auth/authorisation/views.py | 41 +++++++++++++++++++++++++----------------
 2 files changed, 27 insertions(+), 18 deletions(-)
(limited to 'gn3/auth/authorisation')

diff --git a/gn3/auth/authorisation/roles.py b/gn3/auth/authorisation/roles.py
index 606403e..9e2e83e 100644
--- a/gn3/auth/authorisation/roles.py
+++ b/gn3/auth/authorisation/roles.py
@@ -91,8 +91,8 @@ def assign_default_roles(cursor: db.DbCursor, user: User):
 '("group-creator")')
 role_ids = cursor.fetchall()
 str_user_id = str(user.user_id)
- params = (
- {"user_id": str_user_id, "role_id": role_id} for role_id in role_ids)
+ params = tuple(
+ {"user_id": str_user_id, "role_id": row["role_id"]} for row in role_ids)
 cursor.executemany(
 ("INSERT INTO user_roles VALUES (:user_id, :role_id)"), params)
diff --git a/gn3/auth/authorisation/views.py b/gn3/auth/authorisation/views.py
index 2c47bd9..1c59ed1 100644
--- a/gn3/auth/authorisation/views.py
+++ b/gn3/auth/authorisation/views.py
@@ -1,5 +1,8 @@
 """Endpoints for the authorisation stuff."""
+import traceback
 from typing import Tuple, Optional
+
+import sqlite3
 from flask import request, jsonify, current_app
 from gn3.auth import db
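Review bot: `row["role_id"]` on the new `params` line only works if `cursor.fetchall()` returns mapping-style rows (a `sqlite3.Row` row_factory on the connection); with sqlite3's default tuple rows it raises `TypeError`, and nothing in this hunk shows which row type `db.cursor` hands out. If the row factory is configured where the connection is opened, a comment on that line such as `# rows are sqlite3.Row; positional access would also work` would save the next reader the lookup; otherwise `row[0]` is the safe choice, assuming the SELECT above (only its tail is visible) returns the role id as its first column. The `tuple(...)` wrapper is not needed by `executemany`, which accepts any iterable, though materialising the generator is harmless. assign_default_roles starts before this hunk.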
@@ -80,28 +83,34 @@ def register_user():
 __assert_not_logged_in__(conn)
 form = request.form
- email = form.get("email", "")
- password = form.get("password", "")
- user_name = form.get("user_name", "")
+ email = form.get("email", "").strip()
+ password = form.get("password", "").strip()
+ user_name = form.get("user_name", "").strip()
 errors = tuple(
- error[1] for error in
+ error for valid,error in
 [__email_valid__(email),
- __password_valid__(password, form.get("confirm_password", "")),
+ __password_valid__(
+ password, form.get("confirm_password", "").strip()),
 __user_name_valid__(user_name)]
- if error[0])
+ if not valid)
 if len(errors) > 0:
 raise UserRegistrationError(*errors)
- with db.cursor(conn) as cursor:
- user, _hashed_password = set_user_password(
- cursor, save_user(cursor, email, user_name), password)
- assign_default_roles(cursor, user)
- return jsonify(
- {
- "user_id": user.user_id,
- "email": user.email,
- "name": user.name
- }), 200
+ try:
+ with db.cursor(conn) as cursor:
+ user, _hashed_password = set_user_password(
+ cursor, save_user(cursor, email, user_name), password)
+ assign_default_roles(cursor, user)
+ return jsonify(
+ {
+ "user_id": user.user_id,
+ "email": user.email,
+ "name": user.name
+ }), 200
+ except sqlite3.IntegrityError as sq3ie:
+ current_app.logger.debug(traceback.format_exc())
+ raise UserRegistrationError(
+ "A user with that email already exists") from sq3ie
 raise Exception(
 "unknown_error", "The system experienced an unexpected error.")
-- 
cgit v1.2.3
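Review bot: Stripping whitespace from the submitted password (`password = form.get("password", "").strip()` and the matching `confirm_password` strip) silently changes the credential the user chose; unless the login path applies the same normalisation, a password with a leading or trailing space can never be used to sign in, and the strip only removes entropy. Keep the strip for `email` and `user_name`, but revert the two password lines to `password = form.get("password", "")` and `__password_valid__(password, form.get("confirm_password", ""))`. Mapping every `sqlite3.IntegrityError` to "A user with that email already exists" also assumes the email uniqueness constraint is the only one that can fail inside the `try` (`save_user`, `set_user_password` and `assign_default_roles` are all covered), and the message confirms to an unauthenticated caller whether an address is registered, a known account-enumeration disclosure that deserves a deliberate decision and a comment on the `except` line recording it. The trailing `raise Exception("unknown_error", ...)` remains unreachable after the `return` inside the `with`, as it was before the change. register_user's `def` and decorators start outside the hunk.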