From 2d395f99bbc58a094712a9a46a515b9d1bfec098 Mon Sep 17 00:00:00 2001 From: Son NK <> Date: Wed, 2 Sep 2020 09:56:16 +0200 Subject: [PATCH] make sure to remove whitespace in alias --- app/api/views/new_custom_alias.py | 8 ++++---- app/dashboard/views/custom_alias.py | 2 +- app/models.py | 7 ++++++- app/oauth/views/authorize.py | 2 ++ 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/app/api/views/new_custom_alias.py b/app/api/views/new_custom_alias.py index 4d043aed..244bc9a7 100644 --- a/app/api/views/new_custom_alias.py +++ b/app/api/views/new_custom_alias.py @@ -60,8 +60,8 @@ def new_custom_alias(): if not data: return jsonify(error="request body cannot be empty"), 400 - alias_prefix = data.get("alias_prefix", "").strip().lower() - alias_suffix = data.get("alias_suffix", "").strip().lower() + alias_prefix = data.get("alias_prefix", "").strip().lower().replace(" ", "") + alias_suffix = data.get("alias_suffix", "").strip().lower().replace(" ", "") note = data.get("note") alias_prefix = convert_to_id(alias_prefix) @@ -132,7 +132,7 @@ def new_custom_alias_v2(): if not data: return jsonify(error="request body cannot be empty"), 400 - alias_prefix = data.get("alias_prefix", "").strip().lower() + alias_prefix = data.get("alias_prefix", "").strip().lower().replace(" ", "") signed_suffix = data.get("signed_suffix", "").strip() note = data.get("note") alias_prefix = convert_to_id(alias_prefix) @@ -229,7 +229,7 @@ def new_custom_alias_v3(): if not data: return jsonify(error="request body cannot be empty"), 400 - alias_prefix = data.get("alias_prefix", "").strip().lower() + alias_prefix = data.get("alias_prefix", "").strip().lower().replace(" ", "") signed_suffix = data.get("signed_suffix", "").strip() mailbox_ids = data.get("mailbox_ids") note = data.get("note") diff --git a/app/dashboard/views/custom_alias.py b/app/dashboard/views/custom_alias.py index e207de52..30880a73 100644 --- a/app/dashboard/views/custom_alias.py +++ b/app/dashboard/views/custom_alias.py @@ -64,7 +64,7 @@ def custom_alias(): mailboxes = current_user.mailboxes() if request.method == "POST": - alias_prefix = request.form.get("prefix").strip().lower() + alias_prefix = request.form.get("prefix").strip().lower().replace(" ", "") signed_suffix = request.form.get("suffix") mailbox_ids = request.form.getlist("mailboxes") alias_note = request.form.get("note") diff --git a/app/models.py b/app/models.py index bb51033a..e80d8276 100644 --- a/app/models.py +++ b/app/models.py @@ -847,8 +847,11 @@ class Alias(db.Model, ModelMixin): def create(cls, **kw): r = cls(**kw) - # make sure alias is not in global trash, i.e. DeletedAlias table email = kw["email"] + # make sure email is lowercase and doesn't have any whitespace + email = email.lower().strip().replace(" ", "") + + # make sure alias is not in global trash, i.e. DeletedAlias table if DeletedAlias.get_by(email=email): raise AliasInTrashError @@ -860,6 +863,8 @@ class Alias(db.Model, ModelMixin): @classmethod def create_new(cls, user, prefix, note=None, mailbox_id=None): + prefix = prefix.lower().strip().replace(" ", "") + if not prefix: raise Exception("alias prefix cannot be empty") diff --git a/app/oauth/views/authorize.py b/app/oauth/views/authorize.py index f6f36eda..79435428 100644 --- a/app/oauth/views/authorize.py +++ b/app/oauth/views/authorize.py @@ -152,6 +152,8 @@ def authorize(): if not current_user.can_create_new_alias(): raise Exception(f"User {current_user} cannot create custom email") + alias_prefix = alias_prefix.strip().lower().replace(" ", "") + # hypothesis: user will click on the button in the 600 secs try: alias_suffix = signer.unsign(signed_suffix, max_age=600).decode()