File size: 4,450 Bytes
90e28c8
 
420f2a2
846543a
 
 
a8317c2
3219cc1
87168f1
73ab5b2
 
87cc64e
f06079d
87cc64e
0e4af71
73ab5b2
 
 
2a13a09
73ab5b2
 
6b91541
 
 
 
 
 
 
0e4af71
597f2fc
420f2a2
7c9ef15
 
597f2fc
5606447
 
7c9ef15
597f2fc
7c9ef15
 
 
 
 
828d76a
50e8588
 
0bbc3b6
50e8588
828d76a
37c091e
3ce2714
 
 
 
 
3f1d12a
 
3ce2714
 
 
c571d37
 
3f1d12a
 
3ce2714
 
73ab5b2
1fcc6f4
4f9d6d3
92a1e0e
 
b81db0f
92a1e0e
 
 
 
b81db0f
92a1e0e
4f9d6d3
b81db0f
 
 
 
 
92a1e0e
b81db0f
 
7e59b23
92a1e0e
 
7e59b23
73ab5b2
9034fa5
420f2a2
 
73ab5b2
 
7e59b23
73ab5b2
4f9d6d3
420f2a2
73ab5b2
4f9d6d3
 
73ab5b2
b81db0f
f03d991
b81db0f
73ab5b2
92a1e0e
 
 
420f2a2
 
 
 
73ab5b2
 
 
87168f1
 
 
 
 
6b91541
87168f1
c96aa7a
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#auth.py

from fastapi import Depends, HTTPException, Form, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel
from sqlalchemy.orm import Session
from database import get_db, get_user_by_email  # Import database functions
from models import User, VerificationToken
import jwt
from passlib.context import CryptContext
from datetime import datetime, timedelta
import os

yoursecretkey = os.environ['my_secret_key']

class AuthViews:
    def __init__(self):
        self.pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
        self.SECRET_KEY = yoursecretkey  # Replace with your actual secret key
        self.ALGORITHM = "HS256"
        self.ACCESS_TOKEN_EXPIRE_MINUTES = 30
    def create_access_token(self, data: dict, expires_delta: timedelta):
        to_encode = data.copy()
        expire = datetime.utcnow() + expires_delta
        to_encode.update({"exp": expire})
        encoded_jwt = jwt.encode(to_encode, AuthViews().SECRET_KEY, algorithm=AuthViews().ALGORITHM)
        return encoded_jwt
    
auth_views = AuthViews()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

def verify_token(token: str = Depends(oauth2_scheme)):
    try:
        payload = jwt.decode(token, auth_views.SECRET_KEY, algorithms=[auth_views.ALGORITHM])
        print(token)
        print(payload.get("sub"))
        return payload.get("sub")
    except jwt.PyJWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )

class UserCreate(BaseModel):
    username: str
    email: str
    password: str
    confirm_password: str
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

def authenticate_user(db: Session, email: str, password: str):
    # Check if the user with the provided email exists in the database
    user = get_user_by_email(db, email)
    if user is None:
        raise HTTPException(status_code=400, detail="User not found")
       # return None  # User not found

    # Check if the provided password is correct (You should verify the password)
    if not pwd_context.verify(password, user.hashed_password):
        print("Stored Password:", user.hashed_password)
        print("Provided Password:", password)
        raise HTTPException(status_code=400, detail="Incorrect password")
      #  return None  # Incorrect password

    return user  # Authentication succeeded

from emailx import send_verification_email, generate_verification_token

def get_user_by_verification_token(db: Session, verification_token: str):
    return db.query(User).filter(User.email_verification_token == verification_token).first()

def verify_email(verification_token: str, db: Session = Depends(get_db)):
    # Verify the email using the token
    user = get_user_by_verification_token(db, verification_token)
    
    if not user:
        raise HTTPException(status_code=400, detail="Invalid verification token")

    if user.is_verified:
        raise HTTPException(status_code=400, detail="Email already verified")

    # Mark the email as verified
    user.is_verified = True
    user.email_verification_token = None  # Optionally clear the verification token
    db.commit()
    return {"message": "Email verification successful"}



def register(user: UserCreate, db: Session):
    # Validate email format and check for existing users
    db_user = get_user_by_email(db, user.email)
    if db_user:
        raise HTTPException(status_code=400, detail="Email already registered")

    # Hash the password
    hashed_password = pwd_context.hash(user.password)

    # Generate a verification token
    verification_token = generate_verification_token(user.email)

    # Send a verification email
    send_verification_email(user.email, verification_token)

    # Verify the email
   # verify_email(verification_token, db)

    # Create the user in the database
    # Set the email_verification_token field in the User model
    user_in_db = User(email=user.email, hashed_password=hashed_password, email_verification_token=verification_token)

    db.add(user_in_db)
    db.commit()
    db.refresh(user_in_db)
    return user_in_db



def get_current_user(token: str = Depends(verify_token)):
    if not token:
        raise HTTPException(status_code=401, detail="Token not valid")
    return token