darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-10 07:12:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix org invites

Browse Source
This commit is contained in:
Kenneth Kehl
2025-09-08 08:17:37 -07:00
parent 3a91b367f8
commit a2ff034b78
1 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
app/organization/invite_rest.py
View File

@@ -43,6 +43,18 @@ def invite_user_to_org(organization_id):
data = request.get_json()
validate(data, post_create_invited_org_user_status_schema)
request_json = request.get_json()
try:
nonce = request_json.pop("nonce")
except KeyError:
current_app.logger.exception("nonce not found in submitted data.")
raise
try:
state = request_json.pop("state")
except KeyError:
current_app.logger.exception("state not found in submitted data.")
raise
invited_org_user = InvitedOrganizationUser(
email_address=data["email_address"],
invited_by_id=data["invited_by"],
@@ -53,15 +65,9 @@ def invite_user_to_org(organization_id):
template = dao_get_template_by_id(
current_app.config["ORGANIZATION_INVITATION_EMAIL_TEMPLATE_ID"]
)
token = generate_token(
str(invited_org_user.email_address),
current_app.config["SECRET_KEY"],
current_app.config["DANGEROUS_SALT"],
)
url = os.environ["LOGIN_DOT_GOV_REGISTRATION_URL"]
url = url.replace("NONCE", token)
url = url.replace("STATE", token)
url = url.replace("NONCE", nonce)
url = url.replace("STATE", state)
personalisation = {
"user_name": (