Validate that changed recovery email isn't a WooCommerce primary email; ref...

Validate that changed recovery email isn't a WooCommerce primary email; ref liberty/ldh_middleware#80

purist/forms.py

@@ -9,7 +9,7 @@ from django.contrib.auth.password_validation import validate_password
 from password_reset.forms import PasswordRecoveryForm \
     as BasePasswordRecoveryForm
 from password_reset.forms import PasswordResetForm as BasePasswordResetForm
-from .models import User
+from .models import User, get_woo_connection
 from captcha.fields import CaptchaField
 
 
@@ -105,6 +105,17 @@ class ProfileConfigureForm(forms.ModelForm):
             'billing_email': forms.EmailInput(attrs={'size': '100%'}),
         }
 
+    def clean_email(self):
+        new_eml = self.cleaned_data['email']
+        woo = get_woo_connection()
+        query = "customers?role=all&limit=1&email=" + new_eml
+        woo_response = woo.get(query)
+        total_emails = int(woo_response.headers['X-WP-Total'])
+        if  total_emails > 1 or \
+            (total_emails == 1 and woo_response.json()[0]['username'] != self.user.username):
+            raise ValidationError(_('Sorry, that email is already in use.'), code='already_taken')
+        return new_eml
+
     def save(self, commit=True):
         self.instance.set_woocommerce_billing_email()
         return super(ProfileConfigureForm, self).save(commit)

purist/views.py

@@ -80,6 +80,11 @@ class ProfileConfigureView(LoginRequiredMixin, UpdateView):
     form_class = ProfileConfigureForm
     success_url = reverse_lazy('profile')
 
+    def get_form(self):
+        f = super().get_form()
+        f.user = self.request.user
+        return f
+
     def get_object(self, queryset=None):
         return self.request.user