File size: 4,296 Bytes
90e28c8
 
420f2a2
16a87c0
846543a
 
a8317c2
3219cc1
87168f1
73ab5b2
 
87cc64e
f06079d
87cc64e
0e4af71
73ab5b2
 
 
2a13a09
73ab5b2
 
a40b741
6b91541
 
 
de7729d
6b91541
de7729d
0e4af71
597f2fc
420f2a2
7c9ef15
 
597f2fc
7c9ef15
01b603f
 
597f2fc
7c9ef15
 
 
 
 
828d76a
50e8588
 
0bbc3b6
50e8588
828d76a
3ce2714
aa6aa93
 
3ce2714
 
 
3f1d12a
3ce2714
aa6aa93
 
3f1d12a
3ce2714
aa6aa93
 
 
73ab5b2
1fcc6f4
4f9d6d3
92a1e0e
 
b81db0f
92a1e0e
 
 
 
b81db0f
92a1e0e
4f9d6d3
b81db0f
 
 
 
 
92a1e0e
b81db0f
 
7e59b23
92a1e0e
 
7e59b23
73ab5b2
9034fa5
420f2a2
 
73ab5b2
 
aa6aa93
73ab5b2
4f9d6d3
420f2a2
73ab5b2
4f9d6d3
 
73ab5b2
b81db0f
f03d991
b81db0f
73ab5b2
92a1e0e
f73c46a
 
 
 
 
 
 
92a1e0e
420f2a2
 
 
 
73ab5b2
 
 
87168f1
 
 
 
 
6b91541
87168f1
c96aa7a
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
#auth.py

from fastapi import Depends, HTTPException, Form, status
from fastapi.security import OAuth2PasswordBearer
from pydantic import BaseModel
from sqlalchemy.orm import Session
from database import get_db, get_user_by_email  # Import database functions
from models import User, VerificationToken
import jwt
from passlib.context import CryptContext
from datetime import datetime, timedelta
import os

yoursecretkey = os.environ['my_secret_key']

class AuthViews:
    def __init__(self):
        self.pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
        self.SECRET_KEY = yoursecretkey  # Replace with your actual secret key
        self.ALGORITHM = "HS256"
        self.ACCESS_TOKEN_EXPIRE_MINUTES = 30
    def create_access_token(self, data: dict, expires_delta: timedelta):
        to_encode = data.copy()
        expire = datetime.utcnow() + expires_delta
        to_encode.update({"exp": expire})
        encoded_jwt = jwt.encode(to_encode, self.SECRET_KEY, algorithm=self.ALGORITHM)
        return encoded_jwt
         
auth_views = AuthViews()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

def verify_token(token: str = Depends(oauth2_scheme)):
    try:
        payload = jwt.decode(token, auth_views.SECRET_KEY, algorithms=[auth_views.ALGORITHM])
        return payload.get("sub")
    except jwt.ExpiredSignatureError:
        raise HTTPException(status_code=401, detail="Token has expired")
    except jwt.PyJWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )

class UserCreate(BaseModel):
    username: str
    email: str
    password: str
    confirm_password: str


# Use auth_views.pwd_context to access the password context from the AuthViews instance
def authenticate_user(db: Session, email: str, password: str):
    user = get_user_by_email(db, email)
    if user is None:
        raise HTTPException(status_code=400, detail="User not found")

    # Use the pwd_context from the auth_views instance
    if not auth_views.pwd_context.verify(password, user.hashed_password):
        raise HTTPException(status_code=400, detail="Incorrect password")

    return user



from emailx import send_verification_email, generate_verification_token

def get_user_by_verification_token(db: Session, verification_token: str):
    return db.query(User).filter(User.email_verification_token == verification_token).first()

def verify_email(verification_token: str, db: Session = Depends(get_db)):
    # Verify the email using the token
    user = get_user_by_verification_token(db, verification_token)
    
    if not user:
        raise HTTPException(status_code=400, detail="Invalid verification token")

    if user.is_verified:
        raise HTTPException(status_code=400, detail="Email already verified")

    # Mark the email as verified
    user.is_verified = True
    user.email_verification_token = None  # Optionally clear the verification token
    db.commit()
    return {"message": "Email verification successful"}



def register(user: UserCreate, db: Session):
    # Validate email format and check for existing users
    db_user = get_user_by_email(db, user.email)
    if db_user:
        raise HTTPException(status_code=400, detail="Email already registered")

    # Hash the password
    hashed_password = auth_views.pwd_context.hash(user.password)

    # Generate a verification token
    verification_token = generate_verification_token(user.email)

    # Send a verification email
    send_verification_email(user.email, verification_token)

    # Verify the email
   # verify_email(verification_token, db)

    # Create the user in the database
    # Set the email_verification_token field in the User model
    user_in_db = User(
        email=user.email,
        username=user.username,  # Set the username here
        hashed_password=hashed_password,
        email_verification_token=verification_token
    )


    db.add(user_in_db)
    db.commit()
    db.refresh(user_in_db)
    return user_in_db



def get_current_user(token: str = Depends(verify_token)):
    if not token:
        raise HTTPException(status_code=401, detail="Token not valid")
    return token