From f868f544d7dacff26316a5a7a1439a32df01a328 Mon Sep 17 00:00:00 2001
From: Untone
Date: Fri, 30 Jul 2021 16:22:37 +0300
Subject: [PATCH] confirmEmail
---
 auth/authorize.py | 4 ++--
 resolvers/auth.py | 26 ++++++++++++++++----------
 2 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/auth/authorize.py b/auth/authorize.py
index 5fde3b05..e75ac3d0 100644
--- a/auth/authorize.py
+++ b/auth/authorize.py
@@ -39,11 +39,11 @@ class Authorize:
 await redis.execute("DEL", *tokens)
 @staticmethod
- async def confirm(token: str) -> str:
+ async def confirm(token: str) -> str, User:
 try: # NOTE: auth_token and email_token are different
 payload = Token.decode(token) # TODO: check to decode here the proper way
 auth_token = self.authorize(payload.user)
- return auth_token
+ return auth_token, payload.user
 except: pass
diff --git a/resolvers/auth.py b/resolvers/auth.py
index bebd7c56..f279443a 100644
--- a/resolvers/auth.py
+++ b/resolvers/auth.py
@@ -1,5 +1,5 @@
 from graphql import GraphQLResolveInfo
-
+from datetime import datetime, timedelta
 from auth.authenticate import login_required
 from auth.authorize import Authorize
 from auth.identity import Identity
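Review bot: The new signature `async def confirm(token: str) -> str, User:` in `auth/authorize.py` is not a valid return annotation and will keep the module from importing; it needs a single expression such as `-> Optional[Tuple[str, User]]`, with the matching `typing` import. On failure the bare `except: pass` still makes the method return `None`, which the new caller in `resolvers/auth.py` unpacks into two names, so a bad or expired token would raise `TypeError` instead of reaching the "Email not confirmed" branch; narrowing the `except` to the decode error and ending it with `return None, None` keeps both sides in step. The context lines also call `self.authorize(...)` inside a `@staticmethod` and without `await`, so as far as this hunk shows every call lands in that `except`. Nothing visible checks that the decoded token is an e-mail confirmation token rather than an auth token, which the existing NOTE and TODO hint at; that check belongs here before a session token is issued. The `Authorize` class itself starts outside the hunk.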
@@ -12,24 +12,30 @@ from resolvers.base import mutation, query
 from settings import JWT_AUTH_HEADER
 @mutation.field("confirmEmail")
-async def confirm(*_, token):
- token = await Authorize.authorize(user)
- return { "status": True, "token": token }
+async def confirm(*_, confirm_token):
+ auth_token, user = await Authorize.confirm(confirm_token)
+ if auth_token:
+ user.emailConfirmed = True
+ return { "status": True, "token": auth_token }
+ else:
+ return { "status": False, "error": "Email not confirmed"}
+
 @mutation.field("registerUser")
-async def register(*_, email: str, password: str):
+async def register(*_, email: str, password: str = ""):
 inp = { "email": email, "password": password}
 create_user = CreateUser(**inp)
- create_user.password = Password.encode(create_user.password)
 create_user.username = email.split('@')[0]
- user = User.create(**create_user.dict())
- if not password:
- # sendAuthEmail(]token)
- # TODO: User.password === None and User.emailConfirmed = залогиненный пользователь
+ if not password:
+ # NOTE: 1 hour confirm_token expire
+ confirm_token = Token.encode(create_user, datetime.now() + timedelta(hours = 1) , "email")
+ # TODO: sendAuthEmail(confirm_token) # без пароля не возвращаем, а высылаем токен на почту # return { "status": True, "user": user }
 else:
+ create_user.password = Password.encode(create_user.password)
+ user = User.create(**create_user.dict())
 token = await Authorize.authorize(user)
 return {"status": True, "user": user, "token": token }
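Review bot: In `register`, the passwordless branch builds `confirm_token` but never calls `User.create` and has no `return`, so the mutation resolves to `None` and the token is minted from the `CreateUser` input rather than a stored user. `Authorize.confirm` later reads `payload.user`, so the two sides look mismatched unless `Token.encode` handles this outside the hunk. I would create the user with `emailConfirmed` unset before encoding the token and end the branch with an explicit `return {"status": True}` once the mail is sent. In `confirm`, `user.emailConfirmed = True` is assigned with no save visible, so the flag may not persist, and `datetime.now()` gives a naive local time where a timezone-aware UTC value is safer for a token expiry. `Token` is used here while the import hunk only adds `datetime`, so check that it is imported in the lines not shown.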