[PR #20] [MERGED] check token need to handle invalid user & invalid token correctly #863

New issue

Closed

opened 2026-02-25 23:43:57 +03:00 by kerem · 0 comments

kerem commented 2026-02-25 23:43:57 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/healthchecks/healthchecks/pull/20
Author: @diwu1989
Created: 12/19/2015
Status: ✅ Merged
Merged: 12/26/2015
Merged by: @cuu508

Base: master ← Head: badToken

---

📝 Commits (1)

• 2ebad09 check token redirect to login on bad token

📊 Changes

3 files changed (+21 additions, -7 deletions)

View changed files

📝 hc/accounts/tests/test_check_token.py (+12 -4)
📝 hc/accounts/tests/test_login.py (+5 -0)
📝 hc/accounts/views.py (+4 -3)

📄 Description

Try going to this URL:
https://healthchecks.io/accounts/check_token/invalid_user/invalid_token/

You'll get hit with the login page, and u can enter email all day long and it wouldn't work

Correct solution is to:

• upon bad token or bad user, redirect over to login page
• set a bad_link sentinel in the cookie for the login page to render the special invalid login message
• clear the bad_link sentinel from session

with unit tests included

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/healthchecks/healthchecks/pull/20 **Author:** [@diwu1989](https://github.com/diwu1989) **Created:** 12/19/2015 **Status:** ✅ Merged **Merged:** 12/26/2015 **Merged by:** [@cuu508](https://github.com/cuu508) **Base:** `master` ← **Head:** `badToken` --- ### 📝 Commits (1) - [`2ebad09`](https://github.com/healthchecks/healthchecks/commit/2ebad09d142de179908ae9bc77997abe842404be) check token redirect to login on bad token ### 📊 Changes **3 files changed** (+21 additions, -7 deletions) <details> <summary>View changed files</summary> 📝 `hc/accounts/tests/test_check_token.py` (+12 -4) 📝 `hc/accounts/tests/test_login.py` (+5 -0) 📝 `hc/accounts/views.py` (+4 -3) </details> ### 📄 Description Try going to this URL: https://healthchecks.io/accounts/check_token/invalid_user/invalid_token/ You'll get hit with the login page, and u can enter email all day long and it wouldn't work Correct solution is to: - upon bad token or bad user, redirect over to login page - set a `bad_link` sentinel in the cookie for the login page to render the special invalid login message - clear the `bad_link` sentinel from session with unit tests included --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-25 23:43:57 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

py2

v4.1.1

v4.1

v4.0

v3.13

v3.12

v3.11.2

v3.11.1

v3.11

v3.10

v3.9

v3.8.2

v3.8.1

v3.8

v3.7

v3.6

v3.5.2

v3.5.1

v3.5

v3.4

v3.3

v3.2

v3.1

v3.0.1

v3.0

v2.10

v2.9.2

v2.9.1

v2.9

v2.8.1

v2.8

v2.7

v2.6.1

v2.6

v2.5

v2.4.1

v2.4

v2.3

v2.2.1

v2.2

v2.1

v2.0.1

v2.0

v1.25.0

v1.24.1

v1.24.0

v1.23.1

v1.23.0

v1.22.0

v1.21.0

v1.20.0

v1.19.0

v1.18.0

v1.17.0

v1.16.0

v1.15.0

v1.14.0

v1.13.0

v1.12.0

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.0

v1.6.0

v1.5.0

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.4

v1.0.3

v1.0.2

1.0.2

v1.0.1

v1.0

Labels

Clear labels   

bug

  

bug

  

bug

  

feature

  

good-first-issue

  

new integration

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

bug

bug

bug

feature

good-first-issue

new integration

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/healthchecks#863

No description provided.