From 62a062fff2091f264d8d9b34e33b448e3b49f852 Mon Sep 17 00:00:00 2001
From: forest <forest.n.johnson@gmail.com>
Date: Sat, 16 May 2020 23:28:21 -0500
Subject: [PATCH] fix bug when created query string is not present

---
 capsulflask/auth.py    | 2 +-
 capsulflask/console.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/capsulflask/auth.py b/capsulflask/auth.py
index 53e31a6..5509702 100644
--- a/capsulflask/auth.py
+++ b/capsulflask/auth.py
@@ -72,7 +72,7 @@ def magiclink(token):
         return redirect(url_for("console.index"))
     else:
         # this is here to prevent xss
-        if not re.match(r"^[a-zA-Z0-9_-]+$", token):
+        if token and not re.match(r"^[a-zA-Z0-9_-]+$", token):
           token = '___________'
 
         abort(404, f"Token {token} doesn't exist or has already been used.")
diff --git a/capsulflask/console.py b/capsulflask/console.py
index 65e2c16..d827b4f 100644
--- a/capsulflask/console.py
+++ b/capsulflask/console.py
@@ -47,7 +47,7 @@ def index():
   created = request.args.get('created')
 
   # this is here to prevent xss
-  if not re.match(r"^(cvm|capsul)-[a-z0-9]{10}$", created):
+  if created and not re.match(r"^(cvm|capsul)-[a-z0-9]{10}$", created):
     created = '___________'
 
   # for now we are going to check the IP according to the virt model