confirmation/views: Remove buggy behavior for expired confirmation links.

Previously, an expired preregistrationuser link would still be passed on to /accounts/register (via the confirm_preregistrationuser.html template), just with the PreregistrationUser.status not set to 1. But accounts_register never checks prereg_user.status, and hence processes the user as if the link had been confirmed. With this commit, expired confirmation links never get past the confirmation code.
2025-11-04 05:53:43 +00:00 · 2017-07-07 02:14:12 -07:00
parent 834be2d7cb
commit ac5e6a9b8a
1 changed files with 2 additions and 11 deletions
--- a/confirmation/views.py
+++ b/confirmation/views.py
@@ -13,7 +13,7 @@ from django.http import HttpRequest, HttpResponse
 from confirmation.models import Confirmation
 from zerver.models import PreregistrationUser

-from typing import Any
+from typing import Any, Dict

 # This is currently only used for confirming PreregistrationUser.
 # Do not add other confirmation paths here.
@@ -21,16 +21,7 @@ def confirm(request, confirmation_key):
    # type: (HttpRequest, str) -> HttpResponse
    confirmation_key = confirmation_key.lower()
    obj = Confirmation.objects.confirm(confirmation_key)
-    confirmed = True
-    if not obj:
-        # confirmation failed
-        confirmed = False
-        try:
-            # try to get the object we was supposed to confirm
-            obj = Confirmation.objects.get(confirmation_key=confirmation_key)
-        except Confirmation.DoesNotExist:
-            pass
-    ctx = {'confirmed': confirmed}  # type: Dict[str, Any]
+    ctx = {'confirmed': False}  # type: Dict[str, Any]
    templates = [
        'confirmation/confirm.html',
    ]