Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle invalid email if mandatory verification is enabled at a later time #10759

Closed
giohappy opened this issue Mar 9, 2023 · 0 comments · Fixed by #12125
Closed

Handle invalid email if mandatory verification is enabled at a later time #10759

giohappy opened this issue Mar 9, 2023 · 0 comments · Fixed by #12125
Assignees
@mattiagiupponi
Labels
master minor A low priority issue which might affect only some users and /or not the main functionality
Milestone
4.3.0

Comments

@giohappy
Copy link
Contributor

giohappy commented Mar 9, 2023
edited
Loading

If ACCOUNT_EMAIL_VERIFICATION is set to mandatory at a later time, and we have users with invalid emails, next time they try to login will get a 500 error from Nginx, caused by an abrupt termination of the uwsgi connection due to an unhandled SMTPRecipientsRefused exception thrown by smtplib.

The /account/login POST request is handled by Django and the allauth lib, so at the moment we don't have a point where this can be handled gracefully.

A solution could be overloading the allauth.account.DefaultAccountAdapter.pre_login method inside our LocalAccountAdapter adapter.

In case the setting is set to mandatory this method will verify that a valid email is configured for the user. In case it isn't we can redirect to a page with a message inviting the user to contact the administrator for resetting their email, like we do for other similar messages like admin_approval_sent.html or email_confirm.html.
Several methods exist to verify emails in Python. One of the most common libraries is email-validator, but even something based on regex could be enough.

Moreover, this control should be skipped for administrators. At least for the default administrator.

Internal Server Error: /account/login/
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
    return self.dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
    return bound_method(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/django/views/decorators/debug.py", line 89, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/views.py", line 149, in dispatch
    return super(LoginView, self).dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/views.py", line 77, in dispatch
    response = super(RedirectAuthenticatedUserMixin, self).dispatch(
  File "/usr/local/lib/python3.10/site-packages/django/views/generic/base.py", line 98, in dispatch
    return handler(request, *args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/views.py", line 105, in post
    response = self.form_valid(form)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/views.py", line 162, in form_valid
    return form.login(self.request, redirect_url=success_url)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/forms.py", line 196, in login
    ret = perform_login(
  File "/usr/local/lib/python3.10/site-packages/allauth/account/utils.py", line 168, in perform_login
    response = adapter.pre_login(request, user, **hook_kwargs)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/adapter.py", line 412, in pre_login
    send_email_confirmation(request, user, signup=signup, email=email)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/utils.py", line 319, in send_email_confirmation
    email_address.send_confirmation(request, signup=signup)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/models.py", line 59, in send_confirmation
    confirmation.send(request, signup=signup)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/models.py", line 166, in send
    get_adapter(request).send_confirmation_mail(request, self, signup)
  File "/usr/local/lib/python3.10/site-packages/allauth/account/adapter.py", line 549, in send_confirmation_mail
    self.send_mail(email_template, emailconfirmation.email_address.email, ctx)
  File "/usr/src/geonode/geonode/people/adapters.py", line 139, in send_mail
    msg.send()
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/message.py", line 284, in send
    return self.get_connection(fail_silently).send_messages([self])
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 109, in send_messages
    sent = self._send(message)
  File "/usr/local/lib/python3.10/site-packages/django/core/mail/backends/smtp.py", line 125, in _send
    self.connection.sendmail(from_email, recipients, message.as_bytes(linesep='\r\n'))
  File "/usr/local/lib/python3.10/smtplib.py", line 901, in sendmail
    raise SMTPRecipientsRefused(senderrs)
smtplib.SMTPRecipientsRefused: {'ad@m.in': (550, b'5.1.1 aDwdpOcoUgdVgaDwepjjm4 m.in dominio non valido / invalid destination domain')}
@giohappy giohappy added minor A low priority issue which might affect only some users and /or not the main functionality master 4.1.x labels Mar 9, 2023
@giohappy giohappy self-assigned this Mar 9, 2023
@giohappy giohappy removed the 4.1.x label Mar 20, 2024
@giohappy giohappy assigned RegisSinjari and unassigned giohappy Mar 20, 2024
@giohappy giohappy added this to the 4.3.0 milestone Mar 20, 2024
RegisSinjari added a commit that referenced this issue Apr 2, 2024
@RegisSinjari
[Fixes #10759] Handle invalid email if mandatory verification is enab…
32d17e8 
…led at a later time
RegisSinjari added a commit that referenced this issue Apr 2, 2024
@RegisSinjari
[Fixes #10759] Handle invalid email if mandatory verification is enab…
b1a98f6 
…led at a later time
@giohappy giohappy linked a pull request Apr 26, 2024 that will close this issue
[Fixes #10759] Handle invalid email if mandatory verification is enabled at a later time #12125
Merged
12 tasks
mattiagiupponi added a commit that referenced this issue Apr 29, 2024
@mattiagiupponi
[Fixes #10759] Fixup redirect
f1f8ee0
mattiagiupponi added a commit that referenced this issue Apr 30, 2024
@mattiagiupponi
[Fixes #10759] Fixup build
e426545
mattiagiupponi added a commit that referenced this issue Apr 30, 2024
@RegisSinjari @mattiagiupponi
[Fixes #10759] Handle invalid email if mandatory verification is enab…
3454ae5 
…led at a later time (#12125)

* [Fixes #10759] Handle invalid email if mandatory verification is enabled at a later time
* [Fixes #10759] Fixup build

---------

Co-authored-by: mattiagiupponi <mattia.giupponi@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mattiagiupponi mattiagiupponi

Labels
master minor A low priority issue which might affect only some users and /or not the main functionality
Projects
None yet
Milestone
4.3.0
3 participants
@giohappy @RegisSinjari @mattiagiupponi