3pp-mirror/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-07-23 06:17:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add better email cleaning mechanism

Browse source 
This commit separates the email cleaning mechanism to a separated
function, and enables a proper cleaning of `mailto:` prefix, usually
found on invitations because users just copy and paste from external
source.
This commit is contained in:
Andrey Antukh 2024-02-07 09:14:07 +01:00
parent 040b336ef9
commit d2626ead0b
8 changed files with 57 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

13
backend/src/app/rpc/commands/auth.clj
View file

@ -82,7 +82,8 @@
profile)
(login [{:keys [::db/conn] :as cfg}]
(let [profile (->> (profile/get-profile-by-email conn email)
(let [profile (->> (profile/clean-email email)
(profile/get-profile-by-email conn)
(validate-profile cfg)
(profile/strip-private-attrs))
@ -202,11 +203,12 @@
(pos? (compare elapsed register-retry-threshold))))
(defn prepare-register
[{:keys [::db/pool] :as cfg} params]
[{:keys [::db/pool] :as cfg} {:keys [email] :as params}]
(validate-register-attempt! cfg params)
(let [profile (when-let [profile (profile/get-profile-by-email pool (:email params))]
(let [email (profile/clean-email email)
profile (when-let [profile (profile/get-profile-by-email pool email)]
(cond
(:is-blocked profile)
(ex/raise :type :restriction
@ -221,7 +223,7 @@
:code :email-already-exists
:hint "profile already exists")))
params {:email (:email params)
params {:email email
:password (:password params)
:invitation-token (:invitation-token params)
:backend "penpot"
@ -447,7 +449,8 @@
nil))]
(db/with-atomic [conn pool]
(when-let [profile (profile/get-profile-by-email conn email)]
(when-let [profile (->> (profile/clean-email email)
(profile/get-profile-by-email conn))]
(when-not (eml/allow-send-emails? conn profile)
(ex/raise :type :validation
:code :profile-is-muted