Give better error message when invalid data is passed to cauth in d param

mhagander · mhagander · commit 6ae52f1a1df5 · 2025-08-27T16:10:40.000+02:00
This imports the latest version of upstream.
diff --git a/pgcommitfest/auth.py b/pgcommitfest/auth.py
@@ -211,7 +211,10 @@ def auth_receive(request):
     # Finally, check of we have a data package that tells us where to
     # redirect the user.
     if 'd' in data:
-        (nonces, datas, tags) = data['d'][0].split('$')
+        splitdata = data['d'][0].split('$')
+        if len(splitdata) != 3:
+            return HttpResponse("Invalid login pass-through data received, likely because of an old link. Please try again.")
+        (nonces, datas, tags) = splitdata
         decryptor = AES.new(
             SHA256.new(settings.SECRET_KEY.encode('ascii')).digest()[:32],
             AES.MODE_SIV,
