From 983e24a7f5018b98f657a93b200a5b0c8770b075 Mon Sep 17 00:00:00 2001
From: Tim Abbott
Date: Mon, 11 Mar 2019 17:56:52 -0700
Subject: [PATCH] auth: Use HTTP status 404 for invalid realms.

Apparently, our invalid realm error page had HTTP status 200, which could be confusing and in particular broken our mobile app's error handling for this case.
---
 zerver/middleware.py | 2 +-
 zerver/tests/test_auth_backends.py | 10 ++++++----
 zerver/tests/test_docs.py | 3 ++-
 zerver/tests/test_signup.py | 8 ++++----
 4 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/zerver/middleware.py b/zerver/middleware.py
index 02eae42946..2e25466574 100644
--- a/zerver/middleware.py
+++ b/zerver/middleware.py
@@ -373,7 +373,7 @@ class SessionHostDomainMiddleware(SessionMiddleware):
 if subdomain != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN:
 realm = get_realm(subdomain)
 if (realm is None):
- return render(request, "zerver/invalid_realm.html")
+ return render(request, "zerver/invalid_realm.html", status=404)
 """ If request.session was modified, or if the configuration is to save the session every time, save the changes and set a session cookie or delete
diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py
index 1d4af87127..01d568fb06 100644
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -592,8 +592,9 @@ class SocialAuthBase(ZulipTestCase):
 account_data_dict = self.get_account_data_dict(email=self.email, name=self.name)
 result = self.social_auth_test(account_data_dict, subdomain='nonexistent')
- self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
- result)
+ self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
+ result)
+ self.assertEqual(result.status_code, 404)
 def test_user_cannot_log_into_wrong_subdomain(self) -> None:
 account_data_dict = self.get_account_data_dict(email=self.email, name=self.name)
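Review bot: The changed `return render(..., status=404)` in zerver/middleware.py has no comment saying why an unknown realm answers 404, and it returns before the session-saving logic whose docstring begins on the next context line. The commit message gives the reason (the 200 status broke the mobile app's error handling), so a comment on the return would keep it from being flipped back: `# Unknown realm: answer 404, not 200, so clients can detect the error from the status code.` The enclosing method starts and ends outside the hunk, so it is worth confirming there that skipping the session save for this response is intended.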
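Review bot: In the test_auth_backends.py hunk at line 592 the single `assert_in_success_response` call becomes two separate assertions, and the same pair recurs in the GoogleSubdomainLoginTest hunk, in test_docs.py and in the PasswordResetTest hunk of test_signup.py, with the status check last in the two auth tests and first in the other two. Putting `self.assertEqual(result.status_code, 404)` first in every test would keep them uniform. If more non-200 pages come to be tested this way, a helper on the test base class that takes the expected status would avoid repeating the pair. The test method containing these lines starts above the hunk.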
@@ -1261,8 +1262,9 @@ class GoogleSubdomainLoginTest(GoogleOAuthTest):
 account_response = ResponseMock(200, account_data)
 result = self.google_oauth2_test(token_response, account_response, subdomain='nonexistent')
- self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
- result)
+ self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
+ result)
+ self.assertEqual(result.status_code, 404)
 def test_user_cannot_log_into_wrong_subdomain(self) -> None:
 token_response = ResponseMock(200, {'access_token': "unique_token"})
diff --git a/zerver/tests/test_docs.py b/zerver/tests/test_docs.py
index 8f5f3a5988..91c10ed039 100644
--- a/zerver/tests/test_docs.py
+++ b/zerver/tests/test_docs.py
@@ -355,7 +355,8 @@ class PlansPageTest(ZulipTestCase):
 self.assert_in_success_response(["Sign up now"], result)
 # Test non-existant domain
 result = self.client_get("/plans/", subdomain="moo")
- self.assert_in_success_response(["does not exist"], result)
+ self.assertEqual(result.status_code, 404)
+ self.assert_in_response("does not exist", result)
 # Test valid domain, no login
 realm = get_realm("zulip")
 realm.plan_type = Realm.STANDARD_FREE
diff --git a/zerver/tests/test_signup.py b/zerver/tests/test_signup.py
index 23068b79f2..0b1458945a 100644
--- a/zerver/tests/test_signup.py
+++ b/zerver/tests/test_signup.py
@@ -320,9 +320,9 @@ class PasswordResetTest(ZulipTestCase):
 subdomain="invalid")
 # check the redirect link telling you to check mail for password reset link
- self.assertEqual(result.status_code, 200)
- self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
- result)
+ self.assertEqual(result.status_code, 404)
+ self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
+ result)
 from django.core.mail import outbox
 self.assertEqual(len(outbox), 0)
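Review bot: The context comment `# check the redirect link telling you to check mail for password reset link` in the PasswordResetTest hunk of test_signup.py does not describe the assertions under it, which now expect a 404 error page for the invalid subdomain and then an empty outbox. Rewording it would stop a reader from taking the 404 for a mistake, for example `# An invalid subdomain gets the 404 error page and no password reset email is sent.` The test method starts above the hunk, so the request being made is only partly visible here.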
@@ -440,7 +440,7 @@ class LoginTest(ZulipTestCase):
 def test_login_invalid_subdomain(self) -> None:
 result = self.login_with_return(self.example_email("hamlet"), "xxx", subdomain="invalid")
- self.assertEqual(result.status_code, 200)
+ self.assertEqual(result.status_code, 404)
 self.assert_in_response("There is no Zulip organization hosted at this subdomain.", result)
 self.assertIsNone(get_session_dict_user(self.client.session))