From 41481fa89edb41b6c916921374378b5cadc4ae77 Mon Sep 17 00:00:00 2001
From: Yasser
Date: Mon, 15 Dec 2025 23:42:45 +0100
Subject: [PATCH 1/2] fix: streamline client activation logic and improve response handling
---
 core/api/clients/routes.py | 5 ++---
 core/api/clients/services.py | 19 +++++++++----------
 2 files changed, 11 insertions(+), 13 deletions(-)
diff --git a/core/api/clients/routes.py b/core/api/clients/routes.py
index 7415a94..14ff36c 100644
--- a/core/api/clients/routes.py
+++ b/core/api/clients/routes.py
@@ -148,9 +148,8 @@ def activate_client(token):
 400:
 description: Invalid or expired token
 """
- _, status = self.client_service.activate_client_by_token(token)
-
- return render_template("activation_response.html", status=status), status
+ status = self.client_service.activate_client_by_token(token)
+ return render_template("activation_response.html", status=status)
 # --- Get All Clients (Admin) ---
 @self.bp.route("/auth/clients", methods=["GET"])
diff --git a/core/api/clients/services.py b/core/api/clients/services.py
index 923ece0..836746d 100644
--- a/core/api/clients/services.py
+++ b/core/api/clients/services.py
@@ -77,17 +77,16 @@ def create_access_token_for_client(self, client):
 def activate_client_by_token(self, token):
 """Activate client account using token"""
 client = self.client_model.find_client_by_activation_token(token)
-
+
 if not client:
- return None, 404
-
- if client.activation_token_expired():
- return None, 400
-
- client.is_active = True
- client.activation_token = None
-
- return client, 200
+ return 404
+
+ activation = client.get("activation", {})
+ if not activation or datetime.utcnow() > activation["expires_at"]:
+ return 400
+
+ self.client_model.activate_client(client["_id"])
+ return 200
 def resend_activation_email(self, email: str):
 """Resend activation email to client"""
From 94f84f47623d005bfb1c84a219c30227b49ef9d5 Mon Sep 17 00:00:00 2001
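Review bot: The HTTP status code is lost on the new `return render_template("activation_response.html", status=status)` line in `activate_client` (core/api/clients/routes.py), so a missing or expired token is now served with a 200 response although the docstring just above still documents 400. The users route touched in patch 2/2 keeps the tuple form, so the two activation endpoints now disagree. Keeping the code on the response is a one-line change: `return render_template("activation_response.html", status=status), status`. An accurate status also lets access logs and rate limiting tell failed activation attempts apart from successful ones. The body of `activate_client` starts above the hunk.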
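Review bot: In `activate_client_by_token` (core/api/clients/services.py), `activation["expires_at"]` raises KeyError when the stored `activation` sub-document is present but lacks that key, which would surface as a 500 rather than the 400 path; `expires_at = activation.get("expires_at")` followed by `if not expires_at or datetime.utcnow() > expires_at:` keeps malformed records on the error branch. The removed code cleared `activation_token` after use, whereas the new code delegates to `self.client_model.activate_client(client["_id"])`, which is not shown in this patch; that method should remove the token, ideally in the same conditional update that marks the account active, so an activation link cannot be replayed. `datetime.utcnow()` returns a naive value, so the comparison presumably relies on `expires_at` being stored as naive UTC, which is worth a short comment. The same pattern appears in `activate_user_by_token` in core/api/users/services.py in patch 2/2.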
From: Yasser
Date: Mon, 15 Dec 2025 23:42:49 +0100
Subject: [PATCH 2/2] fix: simplify user activation logic and improve response handling
---
 core/api/users/routes.py | 3 +--
 core/api/users/services.py | 20 ++++++++++----------
 2 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/core/api/users/routes.py b/core/api/users/routes.py
index 12256a4..54ba6a2 100644
--- a/core/api/users/routes.py
+++ b/core/api/users/routes.py
@@ -202,8 +202,7 @@ def activate(token):
 400:
 description: Invalid or expired token
 """
- _, status = self.user_service.activate_user_by_token(token)
-
+ status = self.user_service.activate_user_by_token(token)
 return render_template("activation_response.html", status=status), status
 # --- Resend Activation (API) ---
diff --git a/core/api/users/services.py b/core/api/users/services.py
index b6facc2..a9f1058 100644
--- a/core/api/users/services.py
+++ b/core/api/users/services.py
@@ -1,3 +1,4 @@
+from flask import jsonify
 from flask_jwt_extended import create_access_token
 from core.utils import (
 hash_password,
@@ -79,17 +80,16 @@ def get_user_by_id(self, user_id):
 def activate_user_by_token(self, token):
 """Activate user account using activation token."""
 user = self.user_model.find_user_by_activation_token(token)
-
+
 if not user:
- return None, 404
-
- if user.activation_token_expired():
- return None, 400
-
- user.is_active = True
- user.activation_token = None
-
- return user, 200
+ return 404
+
+ activation = user.get("activation", {})
+ if not activation or datetime.utcnow() > activation["expires_at"]:
+ return 400
+
+ self.user_model.activate_user(user["_id"])
+ return 200
 def resend_activation_email(self, email):
 """Resend activation email for user."""
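Review bot: The import added at the top of core/api/users/services.py, `from flask import jsonify`, is not used by anything in this patch, while the rewritten `activate_user_by_token` in the next hunk calls `datetime.utcnow()` and no `datetime` import is added. Only the first lines of the import block are visible, so it may already be imported further down; if it is not, the activation path fails with NameError at request time. The line this change needs is `from datetime import datetime`, and the `jsonify` import can be dropped unless other code in the file uses it. core/api/clients/services.py makes the same call in patch 1/2 and its imports are not part of the diff either.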