From 8a08cfdadb88260c2c83b445ab163e099cd0d039 Mon Sep 17 00:00:00 2001
From: Llloooggg <poddeo3@gmail.com>
Date: Thu, 19 Aug 2021 09:52:10 +0300
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=B0=20=D0=BF=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA=D0=B0?=
 =?UTF-8?q?=20=D0=BD=D0=B0=20=D1=81=D1=83=D1=89=D0=B5=D1=81=D1=82=D0=B2?=
 =?UTF-8?q?=D1=83=D1=8E=D1=89=D0=B5=D0=B3=D0=BE=20=D0=BF=D0=BE=D0=BB=D1=8C?=
 =?UTF-8?q?=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F=20=D0=BF=D1=80?=
 =?UTF-8?q?=D0=B8=20=D0=BF=D0=BE=D0=B2=D1=82=D0=BE=D1=80=D0=BD=D0=BE=D0=B9?=
 =?UTF-8?q?=20=D0=BE=D1=82=D0=BF=D1=80=D0=B0=D0=B2=D0=BA=D0=B8=20=D1=81?=
 =?UTF-8?q?=D1=81=D1=8B=D0=BB=D0=BA=D0=B8=20=D0=BF=D0=BE=D0=B4=D1=82=D0=B2?=
 =?UTF-8?q?=D0=B5=D1=80=D0=B6=D0=B4=D0=B5=D0=BD=D0=B8=D1=8F=20=D1=80=D0=B5?=
 =?UTF-8?q?=D0=B3=D0=B8=D1=81=D1=82=D1=80=D0=B0=D1=86=D0=B8=D0=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 dyxless/auth.py | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/dyxless/auth.py b/dyxless/auth.py
index b5207cf..409b6aa 100644
--- a/dyxless/auth.py
+++ b/dyxless/auth.py
@@ -126,6 +126,13 @@ def resend_confirmation():
     elif request.method == "POST":
         email = request.form.get("email")
 
+        user = User.query.filter_by(email=email).first()
+        if not user or user.is_confirmed:
+            flash(
+                "Аккаунт уже подтвержден или не зарегистрирован", "is-warning"
+            )
+            return redirect(url_for("auth.login"))
+
         confirmation_email_sending = send_confirmation_email(email)
 
         if confirmation_email_sending:
@@ -157,14 +164,18 @@ def confirm_token(token, expiration):
 
 @auth.route("/confirm/<token>")
 def confirm_email(token):
-    try:
-        email = confirm_token(
-            token, int(current_app.config["TOKEN_EXPIRATION"])
+
+    email = confirm_token(token, int(current_app.config["TOKEN_EXPIRATION"]))
+    if not email:
+        flash(
+            Markup(
+                f"Ссылка подтверждения невалидна или устарела. <a href='{url_for('auth.resend_confirmation')}'>Повторить отправку</a>"
+            ),
+            "is-danger",
         )
-        print(email)
-    except:
-        flash("Ссылка подтверждения невалидна или устарела", "is-danger")
-    user = User.query.filter_by(email=email).first_or_404()
+        return redirect(url_for("auth.login"))
+
+    user = User.query.filter_by(email=email).first()
     if user.is_confirmed:
         flash("Аккаунт уже подтвержден", "is-warning")
     else: