[Django] #34891: force_str(urlsafe_base64_decode(uidb64)) returns object not value

39 views
Skip to first unread message

Django

unread,
Oct 5, 2023, 2:31:26 PM10/5/23
to django-...@googlegroups.com
#34891: force_str(urlsafe_base64_decode(uidb64)) returns object not value
-------------------------------------+-------------------------------------
Reporter: | Owner: nobody
jslovern391 |
Type: Bug | Status: new
Component: Utilities | Version: 4.2
Severity: Normal | Keywords:
Triage Stage: | django.utils.encoding
Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
Trying to decode:

PHByb3BlcnR5IG9iamVjdCBhdCAweDAwMDAwMjU1M0ZBNTlEQTA-
bvlp6u-9b15d1fd6d30b90e81623812e9bc8d74

force_str(urlsafe_base64_decode(uidb64)) returns:

Field 'id' expected a number but got b'<property object at
0x000002553FA59DA0>'.

The above exception (invalid literal for int() with base 10: b'<property
object at 0x000002553FA59DA0>') was the direct cause of the following
exception:

Code:

def activate(request, uidb64, token):
try:
uid = force_str(urlsafe_base64_decode(uidb64))
user = CustomUser.objects.get(pk=uid)

except (TypeError, ValueError, OverflowError,
CustomUser.DoesNotExist):
user = None

if user is not None and account_activation_token.check_token(user,
token):
user.is_active = True
user.save()
login(request, user)
return redirect('account_activation_complete')
else:
return HttpResponseBadRequest('Activation link is invalid!')

--
Ticket URL: <https://code.djangoproject.com/ticket/34891>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
Oct 5, 2023, 8:11:57 PM10/5/23
to django-...@googlegroups.com
#34891: force_str(urlsafe_base64_decode(uidb64)) returns object not value
-------------------------------------+-------------------------------------
Reporter: Jeff Lovern | Owner: nobody
Type: Bug | Status: closed
Component: Utilities | Version: 4.2
Severity: Normal | Resolution: needsinfo

Keywords: | Triage Stage:
django.utils.encoding | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Tim Graham):

* status: new => closed
* resolution: => needsinfo


Old description:

New description:

{{{ #!pycon
>>> from django.utils.encoding import force_str
>>> from django.utils.http import urlsafe_base64_decode
>>> uidb64 = 'PHByb3BlcnR5IG9iamVjdCBhdCAweDAwMDAwMjU1M0ZBNTlEQTA-bvlp6u-
9b15d1fd6d30b90e81623812e9bc8d74'
>>> result = urlsafe_base64_decode(uidb64)
>>> result
b'<property object at
0x000002553FA59DA0>n\xf9i\xea\xef\xbdo^]\xd5\xf7zw}\x1b\xf7G\xbc\xd7\xad\xb7\xf3]\x9e\xf5\xb7<w\xbe'

>>> force_str(result)
Traceback (most recent call last):
File "/home/tim/code/django/django/utils/encoding.py", line 70, in
force_str
s = str(s, encoding, errors)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf9 in position 40:
invalid start byte

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/home/tim/code/django/django/utils/encoding.py", line 74, in
force_str
raise DjangoUnicodeDecodeError(s, *e.args)
django.utils.encoding.DjangoUnicodeDecodeError: 'utf-8' codec can't decode
byte 0xf9 in position 40: invalid start byte. You passed in b'<property
object at
0x000002553FA59DA0>n\xf9i\xea\xef\xbdo^]\xd5\xf7zw}\x1b\xf7G\xbc\xd7\xad\xb7\xf3]\x9e\xf5\xb7<w\xbe'
(<class 'bytes'>)
}}}

Code:
{{{ #!python


def activate(request, uidb64, token):
try:
uid = force_str(urlsafe_base64_decode(uidb64))
user = CustomUser.objects.get(pk=uid)

except (TypeError, ValueError, OverflowError,
CustomUser.DoesNotExist):
user = None

if user is not None and account_activation_token.check_token(user,
token):
user.is_active = True
user.save()
login(request, user)
return redirect('account_activation_complete')
else:
return HttpResponseBadRequest('Activation link is invalid!')
}}}

--

Comment:

Hi Jeff, it's unclear that Django is at fault here. It looks like the
`uidb64` value isn't correct for what this code is trying to do. See
TicketClosingReasons/UseSupportChannels if you need help debugging your
issue, and reopen the ticket if you can explain why Django is at fault.
Thanks!

--
Ticket URL: <https://code.djangoproject.com/ticket/34891#comment:1>

Django

unread,
Oct 5, 2023, 11:22:26 PM10/5/23
to django-...@googlegroups.com
#34891: force_str(urlsafe_base64_decode(uidb64)) returns object not value
-------------------------------------+-------------------------------------
Reporter: Jeff Lovern | Owner: nobody
Type: Bug | Status: closed
Component: Utilities | Version: 4.2
Severity: Normal | Resolution: invalid

Keywords: | Triage Stage:
django.utils.encoding | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* resolution: needsinfo => invalid


Comment:

"invalid" per https://forum.djangoproject.com/t/base64-user-id-object-
error-for-email-activation/24335.

--
Ticket URL: <https://code.djangoproject.com/ticket/34891#comment:2>

Reply all
Reply to author
Forward
0 new messages