diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py
index 8c9a49d135..c7b42fef90 100644
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -1112,6 +1112,13 @@ class DevFetchAPIKeyTest(ZulipTestCase):
 self.assertEqual(data["email"], self.email)
 self.assertEqual(data['api_key'], self.user_profile.api_key)
+ def test_invalid_email(self):
+ # type: () -> None
+ email = 'hamlet'
+ result = self.client_post("/api/v1/dev_fetch_api_key",
+ dict(username=email))
+ self.assert_json_error_contains(result, "Enter a valid email address.", 400)
+
 def test_inactive_user(self):
 # type: () -> None
 do_deactivate_user(self.user_profile)
diff --git a/zerver/views/auth.py b/zerver/views/auth.py
index aaad814db0..6df0b2e573 100644
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -407,6 +407,13 @@ def api_dev_fetch_api_key(request, username=REQ()):
 """
 if not dev_auth_enabled() or settings.PRODUCTION:
 return json_error(_("Dev environment not enabled."))
+
+ # Django invokes authenticate methods by matching arguments, and this
+ # authentication flow will not invoke LDAP authentication because of
+ # this condition of Django so no need to check if LDAP backend is
+ # enabled.
+ validate_login_email(username)
+
 return_data = {} # type: Dict[str, bool]
 user_profile = authenticate(username=username,
 realm_subdomain=get_subdomain(request),
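Review bot: In `test_invalid_email` (zerver/tests/test_auth_backends.py) the local `email` holds a value chosen precisely because it is not an email address, which reads oddly next to `dict(username=email)`. Naming it after the request field, `username = 'hamlet'` with `dict(username=username)`, keeps the intent of the test obvious. The enclosing DevFetchAPIKeyTest class starts and ends outside the hunk.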
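Review bot: The comment above `validate_login_email(username)` in `api_dev_fetch_api_key` (zerver/views/auth.py) justifies skipping the LDAP check with an invariant that lives outside this function, and nothing visible in the hunk enforces it. The invariant is that no LDAP backend's `authenticate` accepts the keyword arguments passed below. If a backend signature later changes to accept them, non-email LDAP usernames would presumably be rejected here before authentication is attempted. I would reword the comment to state the dependency directly, e.g. `# Usernames must be emails here: the kwargs passed to authenticate() below do not match the LDAP backend's signature, so LDAP is never tried.` The function continues past the end of the hunk, so the full `authenticate()` call is not visible.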