confirmation: Remove B16_RE.

The Django ORM protects itself (i.e. we don't have to check that
confirmation_key isn't malicious/mal-formed before passing it to get()).

confirmation/models.py

@@ -5,7 +5,6 @@
 __revision__ = '$Id: models.py 28 2009-10-22 15:03:02Z jarek.zgoda $'
 
 import datetime
-import re
 
 from django.db import models
 from django.core.urlresolvers import reverse
@@ -20,15 +19,12 @@ from zerver.lib.utils import generate_random_token
 from zerver.models import PreregistrationUser, EmailChangeStatus
 from typing import Any, Dict, Optional, Text, Union
 
-B16_RE = re.compile('^[a-f0-9]{40}$')
-
 def generate_key():
     # type: () -> str
     return generate_random_token(40)
 
 def get_object_from_key(confirmation_key):
     # type: (str) -> Union[bool, PreregistrationUser, EmailChangeStatus]
-    if B16_RE.search(confirmation_key):
     try:
         confirmation = Confirmation.objects.get(confirmation_key=confirmation_key)
     except Confirmation.DoesNotExist:
@@ -42,7 +38,6 @@ def get_object_from_key(confirmation_key):
     obj.status = getattr(settings, 'STATUS_ACTIVE', 1)
     obj.save(update_fields=['status'])
     return obj
-    return False
 
 def create_confirmation_link(obj, host, confirmation_type):
     # type: (Union[ContentType, int], str, int) -> str