discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

confirm email on user registration improve

Browse Source
This commit is contained in:
knst-kotov 2022-06-09 13:52:56 +03:00
parent 9558a1afaa
commit 0cef013137
3 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
auth/email.py
View File

@ -1,10 +1,10 @@
import requests import requests
from starlette.responses import PlainTextResponse from starlette.responses import RedirectResponse
from starlette.exceptions import HTTPException from starlette.exceptions import HTTPException
from auth.authenticate import EmailAuthenticate, ResetPassword from auth.authenticate import EmailAuthenticate, ResetPassword
from settings import BACKEND_URL, MAILGUN_API_KEY, MAILGUN_DOMAIN, RESET_PWD_URL from settings import BACKEND_URL, MAILGUN_API_KEY, MAILGUN_DOMAIN, RESET_PWD_URL, CONFIRM_EMAIL_URL
MAILGUN_API_URL = "https://api.mailgun.net/v3/%s/messages" % (MAILGUN_DOMAIN) MAILGUN_API_URL = "https://api.mailgun.net/v3/%s/messages" % (MAILGUN_DOMAIN)
MAILGUN_FROM = "postmaster <postmaster@%s>" % (MAILGUN_DOMAIN) MAILGUN_FROM = "postmaster <postmaster@%s>" % (MAILGUN_DOMAIN)
@ -28,7 +28,7 @@ async def send_reset_password_email(user):
async def send_email(user, url, text, token): async def send_email(user, url, text, token):
to = "%s <%s>" % (user.username, user.email) to = "%s <%s>" % (user.username, user.email)
url_with_token = "%s/%s" % (url, token) url_with_token = "%s?token=%s" % (url, token)
text = text % (url_with_token) text = text % (url_with_token)
response = requests.post( response = requests.post(
MAILGUN_API_URL, MAILGUN_API_URL,
@ -46,5 +46,14 @@ async def email_authorize(request):
token = request.query_params.get('token') token = request.query_params.get('token')
if not token: if not token:
raise HTTPException(500, "invalid url") raise HTTPException(500, "invalid url")
auth_token, user = await EmailAuthenticate.authenticate(token) auth_token, user = await EmailAuthenticate.authenticate(token)
return PlainTextResponse(auth_token)
if not user.emailConfirmed:
with local_session() as session:
user.emailConfirmed = True
session.commit()
response = RedirectResponse(url = CONFIRM_EMAIL_URL)
response.set_cookie("token", auth_token)
return response

10
resolvers/auth.py
View File

@ -46,14 +46,9 @@ async def register(*_, email: str, password: str = ""):
session.add(user) session.add(user)
session.commit() session.commit()
await UserStorage.add_user(user)
if not password:
await send_confirm_email(user) await send_confirm_email(user)
return { "user": user }
token = await Authorize.authorize(user) return { "user": user }
return {"user": user, "token": token }
@mutation.field("requestPasswordUpdate") @mutation.field("requestPasswordUpdate")
async def request_password_update(_, info, email): async def request_password_update(_, info, email):
@ -95,6 +90,9 @@ async def login(_, info: GraphQLResolveInfo, email: str, password: str = ""):
await send_auth_email(orm_user) await send_auth_email(orm_user)
return {} return {}
if not orm_user.emailConfirmed:
return {"error" : "email not confirmed"}
try: try:
device = info.context["request"].headers['device'] device = info.context["request"].headers['device']
except KeyError: except KeyError:

1
settings.py
View File

@ -7,6 +7,7 @@ INBOX_SERVICE_PORT = 8081
BACKEND_URL = environ.get("BACKEND_URL") or "https://localhost:8080" BACKEND_URL = environ.get("BACKEND_URL") or "https://localhost:8080"
OAUTH_CALLBACK_URL = environ.get("OAUTH_CALLBACK_URL") or "https://localhost:8080" OAUTH_CALLBACK_URL = environ.get("OAUTH_CALLBACK_URL") or "https://localhost:8080"
RESET_PWD_URL = environ.get("RESET_PWD_URL") or "https://localhost:8080/reset_pwd" RESET_PWD_URL = environ.get("RESET_PWD_URL") or "https://localhost:8080/reset_pwd"
CONFIRM_EMAIL_URL = environ.get("CONFIRM_EMAIL_URL") or "https://new.discours.io"
DB_URL = environ.get("DATABASE_URL") or environ.get("DB_URL") or "sqlite:///db.sqlite3" DB_URL = environ.get("DATABASE_URL") or environ.get("DB_URL") or "sqlite:///db.sqlite3"
JWT_ALGORITHM = "HS256" JWT_ALGORITHM = "HS256"