From dec74fc6080bfe3cac34138d738a76c848bcb9a7 Mon Sep 17 00:00:00 2001
From: yackob03 <jacob.moshenko@gmail.com>
Date: Wed, 18 Dec 2013 19:47:42 -0500
Subject: [PATCH] When an email code has already been used, just redirect to
 signin.

---
 data/model.py    | 7 +++++--
 endpoints/web.py | 6 +++++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/data/model.py b/data/model.py
index 0945f9dc0..ddfa74417 100644
--- a/data/model.py
+++ b/data/model.py
@@ -327,8 +327,11 @@ def create_confirm_email_code(user):
 
 
 def confirm_user_email(code):
-  code = EmailConfirmation.get(EmailConfirmation.code == code,
-                               EmailConfirmation.email_confirm == True)
+  try:
+    code = EmailConfirmation.get(EmailConfirmation.code == code,
+                                 EmailConfirmation.email_confirm == True)
+  except EmailConfirmation.DoesNotExist:
+    raise DataModelException('Invalid email confirmation code.')
 
   user = code.user
   user.verified = True
diff --git a/endpoints/web.py b/endpoints/web.py
index 347969268..22fb279a1 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -226,7 +226,11 @@ def github_oauth_callback():
 @app.route('/confirm', methods=['GET'])
 def confirm_email():
   code = request.values['code']
-  user = model.confirm_user_email(code)
+
+  try:
+    user = model.confirm_user_email(code)
+  except model.DataModelException as ex:
+    return redirect(url_for('signin'))
 
   common_login(user)