Merge pull request #163 from incuna/email-already-verified-ui

Redirect to login when email is already verifyed.

CHANGELOG.md

@@ -1,6 +1,7 @@
 ## UPCOMING
 
 * Update `VerifyUserEmailView` to redirect to login without providing a next.
+* Redirect to the login when attempting to verify an email address that is already verified.
 
 ## 15.0.0
 

user_management/ui/exceptions.py

@@ -5,3 +5,7 @@
 class InvalidExpiredToken(Http404):
     """Exception to confirm an account."""
     message = _('Invalid or expired token.')
+
+
+class AlreadyVerifiedException(Exception):
+    message = _('Email already verified.')

user_management/ui/tests/test_views.py

@@ -42,11 +42,24 @@ def test_get_nonsense_token(self):
             view(request, token=token)
 
     def test_get_registered_user(self):
-        """The view is accessed for an already-verified user and 403s."""
+        """The view is accessed for an already-verified user then redirect."""
         user = VerifyEmailUserFactory.create(email_verified=True)
         token = user.generate_validation_token()
 
         request = self.create_request('get', auth=False)
         view = self.view_class.as_view()
-        with(self.assertRaises(self.view_class.permission_denied_class)):
-            view(request, token=token)
+
+        response = view(request, token=token)
+        self.assertEqual(response.status_code, 302)
+
+        self.assertEqual(response.url, '/accounts/login/')
+
+        user = VerifyEmailUser.objects.get(pk=user.pk)
+
+        self.assertTrue(user.email_verified)
+        self.assertTrue(user.is_active)
+
+        self.assertEqual(
+            self.view_class.already_verified_message,
+            str(request._messages.store[0]),
+        )

user_management/ui/views.py

@@ -1,11 +1,10 @@
 from django.conf import settings
 from django.contrib import messages
-from django.core.exceptions import PermissionDenied
 from django.utils.translation import ugettext_lazy as _
 from django.views import generic
 
 from user_management.utils.views import VerifyAccountViewMixin
-from .exceptions import InvalidExpiredToken
+from .exceptions import AlreadyVerifiedException, InvalidExpiredToken
 
 
 class VerifyUserEmailView(VerifyAccountViewMixin, generic.RedirectView):
@@ -20,16 +19,23 @@ class VerifyUserEmailView(VerifyAccountViewMixin, generic.RedirectView):
     As a RedirectView, this will return a HTTP 302 to LOGIN_URL on success.
     """
     permanent = False
+    already_verified = False
     url = settings.LOGIN_URL
     success_message = _('Your email address was confirmed.')
+    already_verified_message = _('Your email is already confirmed.')
     invalid_exception_class = InvalidExpiredToken
-    permission_denied_class = PermissionDenied
+    permission_denied_class = AlreadyVerifiedException
 
     def dispatch(self, request, *args, **kwargs):
-        self.verify_token(request, *args, **kwargs)
+        try:
+            self.verify_token(request, *args, **kwargs)
+        except self.permission_denied_class:
+            self.already_verified = True
+            self.success_message = self.already_verified_message
         return super(VerifyUserEmailView, self).dispatch(request, *args, **kwargs)
 
     def get(self, request, *args, **kwargs):
-        self.activate_user()
+        if not self.already_verified:
+            self.activate_user()
         messages.success(request, self.success_message)
         return super(VerifyUserEmailView, self).get(request, *args, **kwargs)