From a87e21eda5ec0ab7887159bd05f2a3b956316e3b Mon Sep 17 00:00:00 2001 From: Scott Trinh Date: Mon, 4 Mar 2024 16:17:59 -0500 Subject: [PATCH] Ensure verification redirect includes code For successful email verification attempts, ensure that if the verification token does not already include a redirect_to address, we add the `code` query parameter to the redirect with the default redirect_to URL from the UI config. --- edb/server/protocol/auth_ext/http.py | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/edb/server/protocol/auth_ext/http.py b/edb/server/protocol/auth_ext/http.py index 3604c8f7cb1..e051bcd0cf6 100644 --- a/edb/server/protocol/auth_ext/http.py +++ b/edb/server/protocol/auth_ext/http.py @@ -1479,20 +1479,17 @@ async def handle_ui_verify(self, request: Any, response: Any): case _: maybe_pkce_code = None - match maybe_redirect_to: - case str(rt): - redirect_to = ( - _with_appended_qs( - rt, - { - "code": [maybe_pkce_code], - }, - ) - if maybe_pkce_code - else rt - ) - case _: - redirect_to = cast(str, ui_config.redirect_to) + redirect_to = maybe_redirect_to or redirect_to + redirect_to = ( + _with_appended_qs( + redirect_to, + { + "code": [maybe_pkce_code], + }, + ) + if maybe_pkce_code + else redirect_to + ) except errors.VerificationTokenExpired: app_details_config = self._get_app_details_config()