@@ -164,27 +164,47 @@ def validate_email_fields(self):
164164 )
165165
166166 def validate_bcc (self ):
167+ """
168+ If otp validation is enabled, check if is valid
169+ """
167170 bcc_fields = []
171+ email_otp_verification = self .block .get ("email_otp_verification" , False )
172+ block_id = self .form_data .get ("block_id" , "" )
168173 for field in self .block .get ("subblocks" , []):
169174 if field .get ("use_as_bcc" , False ):
170175 field_id = field .get ("field_id" , "" )
171176 if field_id not in bcc_fields :
172177 bcc_fields .append (field_id )
173-
178+ if not bcc_fields :
179+ return
180+ if not email_otp_verification :
181+ return
174182 for data in self .form_data .get ("data" , []):
175183 value = data .get ("value" , "" )
176184 if not value :
177185 continue
178-
179- if data .get ("field_id" , "" ) in bcc_fields :
180- if self .block .get (
181- "email_otp_verification" , True
182- ) and not validate_email_token (
183- self .form_data .get ("block_id" , "" ), data ["value" ], data ["otp" ]
184- ):
185- raise BadRequest (
186- _ ("{email}'s OTP is wrong" ).format (email = data ["value" ])
186+ if data .get ("field_id" , "" ) not in bcc_fields :
187+ continue
188+ otp = data .get ("otp" , "" )
189+ if not otp :
190+ raise BadRequest (
191+ api .portal .translate (
192+ _ (
193+ "otp_validation_missing_value" ,
194+ default = "Missing OTP value. Unable to submit the form." ,
195+ )
187196 )
197+ )
198+ if not validate_email_token (block_id , value , otp ):
199+ raise BadRequest (
200+ api .portal .translate (
201+ _ (
202+ "otp_validation_wrong_value" ,
203+ default = "${email}'s OTP is wrong" ,
204+ mapping = {"email" : data ["value" ]},
205+ )
206+ )
207+ )
188208
189209 def validate_attachments (self ):
190210 attachments_limit = os .environ .get ("FORM_ATTACHMENTS_LIMIT" , "" )
0 commit comments