auth: Use HTTP status 404 for invalid realms.

Apparently, our invalid realm error page had HTTP status 200, which
could be confusing and in particular broken our mobile app's error
handling for this case.

zerver/middleware.py

@@ -373,7 +373,7 @@ class SessionHostDomainMiddleware(SessionMiddleware):
             if subdomain != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN:
                 realm = get_realm(subdomain)
                 if (realm is None):
-                    return render(request, "zerver/invalid_realm.html")
+                    return render(request, "zerver/invalid_realm.html", status=404)
         """
         If request.session was modified, or if the configuration is to save the
         session every time, save the changes and set a session cookie or delete

zerver/tests/test_auth_backends.py

@@ -592,8 +592,9 @@ class SocialAuthBase(ZulipTestCase):
         account_data_dict = self.get_account_data_dict(email=self.email, name=self.name)
         result = self.social_auth_test(account_data_dict,
                                        subdomain='nonexistent')
-        self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
+        self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
                                 result)
+        self.assertEqual(result.status_code, 404)
 
     def test_user_cannot_log_into_wrong_subdomain(self) -> None:
         account_data_dict = self.get_account_data_dict(email=self.email, name=self.name)
@@ -1261,8 +1262,9 @@ class GoogleSubdomainLoginTest(GoogleOAuthTest):
         account_response = ResponseMock(200, account_data)
         result = self.google_oauth2_test(token_response, account_response,
                                          subdomain='nonexistent')
-        self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
+        self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
                                 result)
+        self.assertEqual(result.status_code, 404)
 
     def test_user_cannot_log_into_wrong_subdomain(self) -> None:
         token_response = ResponseMock(200, {'access_token': "unique_token"})

zerver/tests/test_docs.py

@@ -355,7 +355,8 @@ class PlansPageTest(ZulipTestCase):
         self.assert_in_success_response(["Sign up now"], result)
         # Test non-existant domain
         result = self.client_get("/plans/", subdomain="moo")
-        self.assert_in_success_response(["does not exist"], result)
+        self.assertEqual(result.status_code, 404)
+        self.assert_in_response("does not exist", result)
         # Test valid domain, no login
         realm = get_realm("zulip")
         realm.plan_type = Realm.STANDARD_FREE

zerver/tests/test_signup.py

@@ -320,8 +320,8 @@ class PasswordResetTest(ZulipTestCase):
             subdomain="invalid")
 
         # check the redirect link telling you to check mail for password reset link
-        self.assertEqual(result.status_code, 200)
-        self.assert_in_success_response(["There is no Zulip organization hosted at this subdomain."],
+        self.assertEqual(result.status_code, 404)
+        self.assert_in_response("There is no Zulip organization hosted at this subdomain.",
                                 result)
 
         from django.core.mail import outbox
@@ -440,7 +440,7 @@ class LoginTest(ZulipTestCase):
     def test_login_invalid_subdomain(self) -> None:
         result = self.login_with_return(self.example_email("hamlet"), "xxx",
                                         subdomain="invalid")
-        self.assertEqual(result.status_code, 200)
+        self.assertEqual(result.status_code, 404)
         self.assert_in_response("There is no Zulip organization hosted at this subdomain.", result)
         self.assertIsNone(get_session_dict_user(self.client.session))