Merge pull request #137 from netlify/valid-email

Ensure email is valid before attempting to use
netlify · Jan 8, 2018 · 5915af7 · 5915af7
2 parents fb9ba22 + 3a9303d
commit 5915af7
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 11 deletions.
diff --git a/api/admin.go b/api/admin.go
@@ -134,9 +134,12 @@ func (a *API) adminUserCreate(w http.ResponseWriter, r *http.Request) error {
 		return err
 	}
 
+	if params.Email == "" {
+		return unprocessableEntityError("Creating a user requires a valid email")
+	}
 	mailer := getMailer(ctx)
 	if err := mailer.ValidateEmail(params.Email); err != nil {
-		return badRequestError("Invalid email address: %s", params.Email).WithInternalError(err)
+		return unprocessableEntityError("Invalid email address: %s", params.Email).WithInternalError(err)
 	}
 
 	aud := a.requestAud(ctx, r)

diff --git a/api/invite.go b/api/invite.go
@@ -30,9 +30,12 @@ func (a *API) Invite(w http.ResponseWriter, r *http.Request) error {
 	if params.Email == "" {
 		return unprocessableEntityError("Invite requires a valid email")
 	}
+	mailer := getMailer(ctx)
+	if err = mailer.ValidateEmail(params.Email); err != nil {
+		return unprocessableEntityError("Unable to validate email address: " + err.Error())
+	}
 
 	aud := a.requestAud(ctx, r)
-
 	user, err := a.db.FindUserByEmailAndAudience(instanceID, params.Email, aud)
 	if err == nil {
 		return unprocessableEntityError("Email address already registered by another user")
@@ -54,11 +57,6 @@ func (a *API) Invite(w http.ResponseWriter, r *http.Request) error {
 	now := time.Now()
 	user.InvitedAt = &now
 
-	mailer := getMailer(ctx)
-	if err = mailer.ValidateEmail(params.Email); err != nil {
-		return unprocessableEntityError("Unable to validate email address: " + err.Error())
-	}
-
 	if err := mailer.InviteMail(user); err != nil {
 		return internalServerError("Error sending confirmation mail").WithInternalError(err)
 	}

diff --git a/api/signup.go b/api/signup.go
@@ -40,16 +40,16 @@ func (a *API) Signup(w http.ResponseWriter, r *http.Request) error {
 	}
 
 	mailer := getMailer(ctx)
-	aud := a.requestAud(ctx, r)
+	if err = mailer.ValidateEmail(params.Email); err != nil {
+		return unprocessableEntityError("Unable to validate email address: " + err.Error())
+	}
 
+	aud := a.requestAud(ctx, r)
 	user, err := a.db.FindUserByEmailAndAudience(instanceID, params.Email, aud)
 	if err != nil {
 		if !models.IsNotFoundError(err) {
 			return internalServerError("Database error finding user").WithInternalError(err)
 		}
-		if err = mailer.ValidateEmail(params.Email); err != nil {
-			return unprocessableEntityError("Unable to validate email address: " + err.Error())
-		}
 
 		params.Provider = "email"
 		user, err = a.signupNewUser(ctx, params, aud)