fix: Don't allow user to create account with existing domain

This commit is contained in:
Nathan Woodburn 2023-11-08 22:31:39 +11:00
parent 90a86c2769
commit 3c98d9e243
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
2 changed files with 14 additions and 0 deletions

View File

@ -53,6 +53,9 @@ def create_user(email, domain, password):
# Check if user exists # Check if user exists
if db.search_users(email) != []: if db.search_users(email) != []:
return {'success': False, 'message': 'User already exists'} return {'success': False, 'message': 'User already exists'}
if db.search_users_domain(domain) != []:
return {'success': False, 'message': 'Domain already exists'}
db.add_user(email, domain, hashed_password, token) db.add_user(email, domain, hashed_password, token)
return {'success': True, 'message': 'User created', 'token': token} return {'success': True, 'message': 'User created', 'token': token}

11
db.py
View File

@ -64,6 +64,17 @@ def search_users(email):
connection.close() connection.close()
return users return users
def search_users_domain(domain):
connection = mysql.connector.connect(**dbargs)
cursor = connection.cursor()
cursor.execute("""
SELECT * FROM users WHERE domain = %s
""", (domain,))
users = cursor.fetchall()
cursor.close()
connection.close()
return users
def search_users_token(token): def search_users_token(token):
connection = mysql.connector.connect(**dbargs) connection = mysql.connector.connect(**dbargs)
cursor = connection.cursor() cursor = connection.cursor()