check if email value is a string in default_email_validator func

Author: KShivendu

supertokens_python/recipe/emailpassword/api/utils.py

@@ -54,35 +54,28 @@ async def validate_form_or_throw_error(
 async def validate_form_fields_or_throw_error(
     config_form_fields: List[NormalisedFormField], form_fields_raw: Any
 ) -> List[FormField]:
-    try:
-        if form_fields_raw is None:
-            raise_bad_input_exception("Missing input param: formFields")
+    if form_fields_raw is None:
+        raise_bad_input_exception("Missing input param: formFields")
 
-        if not isinstance(form_fields_raw, List):
-            raise_bad_input_exception("formFields must be an array")
+    if not isinstance(form_fields_raw, List):
+        raise_bad_input_exception("formFields must be an array")
 
-        form_fields: List[FormField] = []
+    form_fields: List[FormField] = []
 
-        form_fields_list_raw: List[Dict[str, Any]] = form_fields_raw
-        for current_form_field in form_fields_list_raw:
-            if (
-                "id" not in current_form_field
-                or not isinstance(current_form_field["id"], str)
-                or "value" not in current_form_field
-            ):
-                raise_bad_input_exception(
-                    "All elements of formFields must contain an 'id' and 'value' field"
-                )
-            value = current_form_field["value"]
-            if current_form_field["id"] == FORM_FIELD_EMAIL_ID:
-                if not isinstance(value, str):
-                    raise_bad_input_exception("email value must be a string")
-                value = value.strip()
-            form_fields.append(FormField(current_form_field["id"], value))
+    form_fields_list_raw: List[Dict[str, Any]] = form_fields_raw
+    for current_form_field in form_fields_list_raw:
+        if (
+            "id" not in current_form_field
+            or not isinstance(current_form_field["id"], str)
+            or "value" not in current_form_field
+        ):
+            raise_bad_input_exception(
+                "All elements of formFields must contain an 'id' and 'value' field"
+            )
+        value = current_form_field["value"]
+        if current_form_field["id"] == FORM_FIELD_EMAIL_ID and isinstance(value, str):
+            value = value.strip()
+        form_fields.append(FormField(current_form_field["id"], value))
 
-        await validate_form_or_throw_error(form_fields, config_form_fields)
-        return form_fields
-    except Exception:
-        raise_bad_input_exception(
-            "Something seems wrong with the input formFields. Please check the request body."
-        )
+    await validate_form_or_throw_error(form_fields, config_form_fields)
+    return form_fields

supertokens_python/recipe/emailpassword/utils.py

@@ -70,11 +70,11 @@ async def default_password_validator(value: str) -> Union[str, None]:
     return None
 
 
-async def default_email_validator(value: str) -> Union[str, None]:
+async def default_email_validator(value: Any) -> Union[str, None]:
     # We check if the email syntax is correct
     # As per https://github.com/supertokens/supertokens-auth-react/issues/5#issuecomment-709512438
     # Regex from https://stackoverflow.com/a/46181/3867175
-    if (
+    if (not isinstance(value, str)) or (
         fullmatch(
             r'^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,'
             r"3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$",

tests/emailpassword/test_passwordreset.py

@@ -107,14 +107,15 @@ async def test_email_validation_checks_in_generate_token_API(
     )
     start_st()
 
-    response_1 = driver_config_client.post(
-        url="/auth/user/password/reset/token",
-        json={"formFields": [{"id": "email", "value": "random"}]},
-    )
+    for invalid_email in ["random", 5]:
+        res = driver_config_client.post(
+            url="/auth/user/password/reset/token",
+            json={"formFields": [{"id": "email", "value": invalid_email}]},
+        )
 
-    assert response_1.status_code == 200
-    dict_response = json.loads(response_1.text)
-    assert dict_response["status"] == "FIELD_ERROR"
+        assert res.status_code == 200
+        dict_res = json.loads(res.text)
+        assert dict_res["status"] == "FIELD_ERROR"
 
 
 @mark.asyncio