Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Ensure coupons are only used once

This commit is contained in:
Adrià Casajús 2023-05-03 16:01:21 +02:00
parent 23a4e46885
commit e54af47c70
No known key found for this signature in database
GPG Key ID: F0033226A5AFC9B9
2 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/dashboard/views/coupon.py
View File

@ -68,9 +68,14 @@ def coupon_route():
)
return redirect(request.url)
coupon.used_by_user_id = current_user.id
coupon.used = True
Session.commit()
updated = (
Session.query(Coupon)
.filter_by(code=code, used=False)
.update({"used_by_user_id": current_user.id, "used": True})
)
if updated != 1:
flash("Coupon is not valid", "error")
return redirect(request.url)
manual_sub: ManualSubscription = ManualSubscription.get_by(
user_id=current_user.id

18
tests/dashboard/test_coupon.py Normal file
View File

@ -0,0 +1,18 @@
from flask import url_for
from app.models import Coupon
from app.utils import random_string
from tests.utils import login
def test_use_coupon(flask_client):
login(flask_client)
code = random_string(10)
Coupon.create(code=code, nb_year=1, commit=True)
r = flask_client.post(
url_for("dashboard.coupon_route"),
data={"code": code},
)
assert r.status_code == 200
assert Coupon.get_by(code=code).used