fix: keep verification token until natural expiry
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
Prevents confusing "link invalid" error when verification link is clicked twice (or prefetched by email clients like Outlook). The token now expires naturally instead of being cleared on first use. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
a5be17821a
commit
c46d4794e2
@ -1257,11 +1257,10 @@ def verify_email(token):
|
||||
flash('Email zostal juz zweryfikowany.', 'info')
|
||||
return redirect(url_for('dashboard'))
|
||||
|
||||
# Verify user
|
||||
# Verify user (keep token until natural expiry so double-clicks
|
||||
# and email client prefetch don't show a confusing error)
|
||||
user.is_verified = True
|
||||
user.verified_at = datetime.now()
|
||||
user.verification_token = None
|
||||
user.verification_token_expires = None
|
||||
|
||||
# Auto-login the user after verification
|
||||
login_user(user, remember=True)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user