use a dedicated subpath for token based invitation

this remove the need for the regex route converter. Nice.

ihatemoney/run.py

@@ -19,7 +19,6 @@ from ihatemoney.models import db
 from ihatemoney.utils import (
     IhmJSONEncoder,
     PrefixedWSGI,
-    RegexConverter,
     em_surround,
     locale_from_iso,
     localize_list,
@@ -127,8 +126,6 @@ def create_app(
         instance_relative_config=instance_relative_config,
     )
 
-    app.url_map.converters["regex"] = RegexConverter
-
     # If a configuration object is passed, use it. Otherwise try to find one.
     load_configuration(app, configuration)
     app.wsgi_app = PrefixedWSGI(app)

ihatemoney/tests/api_test.py

@@ -213,7 +213,7 @@ class APITestCase(IhatemoneyTestCase):
             "/api/projects/raclette/token", headers=self.get_auth("raclette")
         )
         decoded_resp = json.loads(resp.data.decode("utf-8"))
-        resp = self.client.get(f"/raclette/{decoded_resp['token']}")
+        resp = self.client.get(f"/raclette/join/{decoded_resp['token']}")
         # Test that we are redirected.
         self.assertEqual(302, resp.status_code)
 

ihatemoney/tests/budget_test.py

@@ -104,7 +104,7 @@ class BudgetTestCase(IhatemoneyTestCase):
         resp = self.client.get("/authenticate")
         self.assertIn("You either provided a bad token", resp.data.decode("utf-8"))
         # A token MUST have a point between payload and signature
-        resp = self.client.get("/raclette/token.invalid", follow_redirects=True)
+        resp = self.client.get("/raclette/join/token.invalid", follow_redirects=True)
         self.assertIn("You either provided a bad token", resp.data.decode("utf-8"))
 
     def test_invite_code_invalidation(self):

ihatemoney/utils.py

@@ -16,7 +16,7 @@ from flask import current_app, escape, redirect, render_template
 from flask_babel import get_locale, lazy_gettext as _
 import jinja2
 from markupsafe import Markup
-from werkzeug.routing import BaseConverter, HTTPException, RoutingException
+from werkzeug.routing import HTTPException, RoutingException
 
 
 def slugify(value):
@@ -416,10 +416,3 @@ def format_form_errors(form, prefix):
         errors = f"<ul><li>{error_list}</li></ul>"
         # I18N: Form error with a list of errors
         return Markup(_("{prefix}:<br />{errors}").format(prefix=prefix, errors=errors))
-
-
-# Taken from https://stackoverflow.com/a/5872904
-class RegexConverter(BaseConverter):
-    def __init__(self, url_map, *items):
-        super(RegexConverter, self).__init__(url_map)
-        self.regex = items[0]

ihatemoney/web.py

@@ -199,7 +199,7 @@ def admin():
 # To avoid matching other endpoint with a malformed token,
 # ensure that it has a point in the middle, since it's the
 # default separator between payload and signature.
-@main.route("/<project_id>/<regex('.+\\..+'):token>", methods=["GET"])
+@main.route("/<project_id>/join/<string:token>", methods=["GET"])
 def invitation(token):
     project_id = g.project.id
     verified_project_id = Project.verify_token(