If the login failed, redirect to auth again

2025-10-04 12:24:47 +08:00 · 2025-06-16 17:23:11 +02:00 · 2025-06-16 17:23:11 +02:00 · c6a075c004
commit c6a075c004
parent 68fd7bd7cc
2 changed files with 18 additions and 3 deletions
--- a/app/api/views/new_custom_alias.py
+++ b/app/api/views/new_custom_alias.py
@ -1,4 +1,4 @@
-from email_validator import EmailNotValidError
+from email_validator import EmailNotValidError, validate_email
 from flask import g
 from flask import jsonify, request

@ -248,6 +248,14 @@ def new_custom_alias_v3():
            jsonify(error="2 consecutive dot signs aren't allowed in an email address"),
            400,
        )
+    try:
+        validate_email(full_alias, check_deliverability=False, allow_smtputf8=False)
+    except EmailNotValidError as e:
+        LOG.i(f"Could not validate email {full_alias} for custom alias creation: {e}")
+        return (
+            jsonify(error="Email alias is invalid"),
+            400,
+        )

    alias = Alias.create(
        user_id=user.id,
--- a/app/auth/views/proton.py
+++ b/app/auth/views/proton.py
@ -1,9 +1,10 @@
+from typing import Optional
+
 import requests
 from flask import request, session, redirect, flash, url_for
 from flask_limiter.util import get_remote_address
 from flask_login import current_user
 from requests_oauthlib import OAuth2Session
-from typing import Optional

 from app.auth.base import auth_bp
 from app.auth.views.login_utils import after_login
@ -19,11 +20,11 @@ from app.config import (
 )
 from app.log import LOG
 from app.models import ApiKey, User
-from app.proton.proton_client import HttpProtonClient, convert_access_token
 from app.proton.proton_callback_handler import (
    ProtonCallbackHandler,
    Action,
 )
+from app.proton.proton_client import HttpProtonClient, convert_access_token
 from app.proton.proton_partner import get_proton_partner
 from app.utils import sanitize_next_url, sanitize_scheme

@ -169,8 +170,10 @@ def proton_callback():

    next_url = session.get("oauth_next")
    if action == Action.Login:
+        LOG.info("Handing login action after login with proton")
        res = handler.handle_login(proton_partner)
    elif action == Action.Link:
+        LOG.info("Handing link action after login with proton")
        res = handler.handle_link(current_user, proton_partner)
    else:
        raise Exception(f"Unknown Action: {action.name}")
@ -178,6 +181,10 @@ def proton_callback():
    if res.flash_message is not None:
        flash(res.flash_message, res.flash_category)

+    if res.user is None:
+        LOG.warning("No user after login with proton. Redirecting to auth.login")
+        return redirect(url_for("auth.login"))
+
    oauth_scheme = session.get("oauth_scheme")
    if session.get("oauth_mode", "session") == "apikey":
        apikey = get_api_key_for_user(res.user)