Spaces:

Gregniuki
/

Loginauth

Running

File size: 4,950 Bytes

90e28c8
 
420f2a2
16a87c0
846543a
 
a8317c2
3219cc1
87168f1
73ab5b2
 
87cc64e
f06079d
87cc64e
0e4af71
73ab5b2
 
 
2a13a09
73ab5b2
 
a40b741
6b91541
 
 
de7729d
6b91541
de7729d
0e4af71
597f2fc
420f2a2
7c9ef15
 
597f2fc
7c9ef15
01b603f
 
597f2fc
7c9ef15
 
 
 
 
828d76a
50e8588
 
0bbc3b6
50e8588
828d76a
479fd85
 
aa6aa93
 
3ce2714
 
 
3f1d12a
3ce2714
aa6aa93
 
3f1d12a
3ce2714
aa6aa93
 
 
73ab5b2
1fcc6f4
4f9d6d3
92a1e0e
 
b81db0f
92a1e0e
 
 
 
b81db0f
92a1e0e
4f9d6d3
b81db0f
 
 
 
 
92a1e0e
b81db0f
 
7e59b23
92a1e0e
 
7e59b23
73ab5b2
9034fa5
420f2a2
 
73ab5b2
 
aa6aa93
73ab5b2
4f9d6d3
420f2a2
826bfef
4f9d6d3
f6cb392
73ab5b2
b81db0f
f03d991
b81db0f
73ab5b2
92a1e0e
f73c46a
 
 
 
 
 
 
92a1e0e
420f2a2
 
 
 
73ab5b2
 
f27830c
 
 
 
f6cb392
 
 
f27830c
 
 
 
73ab5b2
87168f1
 
 
 
 
6b91541
87168f1
c96aa7a

#auth.py

from fastapi import Depends, HTTPException, Form, status
from fastapi.security import OAuth2PasswordBearer
from pydantic import BaseModel
from sqlalchemy.orm import Session
from database import get_db, get_user_by_email  # Import database functions
from models import User, VerificationToken
import jwt
from passlib.context import CryptContext
from datetime import datetime, timedelta
import os

yoursecretkey = os.environ['my_secret_key']

class AuthViews:
    def __init__(self):
        self.pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
        self.SECRET_KEY = yoursecretkey  # Replace with your actual secret key
        self.ALGORITHM = "HS256"
        self.ACCESS_TOKEN_EXPIRE_MINUTES = 30
    def create_access_token(self, data: dict, expires_delta: timedelta):
        to_encode = data.copy()
        expire = datetime.utcnow() + expires_delta
        to_encode.update({"exp": expire})
        encoded_jwt = jwt.encode(to_encode, self.SECRET_KEY, algorithm=self.ALGORITHM)
        return encoded_jwt
         
auth_views = AuthViews()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

def verify_token(token: str = Depends(oauth2_scheme)):
    try:
        payload = jwt.decode(token, auth_views.SECRET_KEY, algorithms=[auth_views.ALGORITHM])
        return payload.get("sub")
    except jwt.ExpiredSignatureError:
        raise HTTPException(status_code=401, detail="Token has expired")
    except jwt.PyJWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Could not validate credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )

class UserCreate(BaseModel):
    username: str
    email: str
    password: str
    confirm_password: str
class TokenData(BaseModel):
    token: str

# Use auth_views.pwd_context to access the password context from the AuthViews instance
def authenticate_user(db: Session, email: str, password: str):
    user = get_user_by_email(db, email)
    if user is None:
        raise HTTPException(status_code=400, detail="User not found")

    # Use the pwd_context from the auth_views instance
    if not auth_views.pwd_context.verify(password, user.hashed_password):
        raise HTTPException(status_code=400, detail="Incorrect password")

    return user



from emailx import send_verification_email, generate_verification_token

def get_user_by_verification_token(db: Session, verification_token: str):
    return db.query(User).filter(User.email_verification_token == verification_token).first()

def verify_email(verification_token: str, db: Session = Depends(get_db)):
    # Verify the email using the token
    user = get_user_by_verification_token(db, verification_token)
    
    if not user:
        raise HTTPException(status_code=400, detail="Invalid verification token")

    if user.is_verified:
        raise HTTPException(status_code=400, detail="Email already verified")

    # Mark the email as verified
    user.is_verified = True
    user.email_verification_token = None  # Optionally clear the verification token
    db.commit()
    return {"message": "Email verification successful"}



def register(user: UserCreate, db: Session):
    # Validate email format and check for existing users
    db_user = get_user_by_email(db, user.email)
    if db_user:
        raise HTTPException(status_code=400, detail="Email already registered")

    # Hash the password
    hashed_password = auth_views.pwd_context.hash(user.password)

    # Generate a verification token
    verification_token = generate_verification_token(user.email)
    reset_link = f"https://gregniuki-loginauth.hf.space/verify?token={verification_token}"
    # Send a verification email
    send_verification_email(user.email, reset_link)

    # Verify the email
   # verify_email(verification_token, db)

    # Create the user in the database
    # Set the email_verification_token field in the User model
    user_in_db = User(
        email=user.email,
        username=user.username,  # Set the username here
        hashed_password=hashed_password,
        email_verification_token=verification_token
    )


    db.add(user_in_db)
    db.commit()
    db.refresh(user_in_db)
    return user_in_db


def resetpassword(user: User, db: Session):
    # Generate a verification token
    verification_token = generate_verification_token(user.email)

    # Send a verification email with reset linkhttps://gregniuki-loginauth.hf.space/verify/{verification_token}
    reset_link = f"https://gregniuki-loginauth.hf.space/reset-password?token={verification_token}"
    send_verification_email(user.email, reset_link)

    # Update the user's email verification token
    user.email_verification_token = verification_token
    db.commit()

def get_current_user(token: str = Depends(verify_token)):
    if not token:
        raise HTTPException(status_code=401, detail="Token not valid")
    return token