chilcano
diff --git a/‎alembic/versions/39256113e8e5_added_verification_code.py
Lines changed: 43 additions & 0 deletions b/‎alembic/versions/39256113e8e5_added_verification_code.py
Lines changed: 43 additions & 0 deletions
diff --git a/‎app/models.py
Lines changed: 2 additions & 0 deletions b/‎app/models.py
Lines changed: 2 additions & 0 deletions
diff --git a/‎app/oauth2.py
Lines changed: 0 additions & 27 deletions b/‎app/oauth2.py
Lines changed: 0 additions & 27 deletions
diff --git a/‎app/routers/auth.py
Lines changed: 26 additions & 8 deletions b/‎app/routers/auth.py
Lines changed: 26 additions & 8 deletions
@@ -0,0 +1,43 @@
+"""added verification code
+
+Revision ID: 39256113e8e5
+Revises: 1c7984990e1d
+Create Date: 2022-07-14 08:03:57.507140
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision = '39256113e8e5'
+down_revision = '1c7984990e1d'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table('posts')
+    op.add_column('users', sa.Column('verification_code', sa.String(), nullable=True))
+    op.create_unique_constraint(None, 'users', ['verification_code'])
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_constraint(None, 'users', type_='unique')
+    op.drop_column('users', 'verification_code')
+    op.create_table('posts',
+    sa.Column('id', postgresql.UUID(), server_default=sa.text('uuid_generate_v4()'), autoincrement=False, nullable=False),
+    sa.Column('user_id', postgresql.UUID(), autoincrement=False, nullable=False),
+    sa.Column('title', sa.VARCHAR(), autoincrement=False, nullable=False),
+    sa.Column('content', sa.VARCHAR(), autoincrement=False, nullable=False),
+    sa.Column('category', sa.VARCHAR(), autoincrement=False, nullable=False),
+    sa.Column('image', sa.VARCHAR(), autoincrement=False, nullable=False),
+    sa.Column('created_at', postgresql.TIMESTAMP(timezone=True), server_default=sa.text('now()'), autoincrement=False, nullable=False),
+    sa.Column('updated_at', postgresql.TIMESTAMP(timezone=True), server_default=sa.text('now()'), autoincrement=False, nullable=False),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], name='posts_user_id_fkey', ondelete='CASCADE'),
+    sa.PrimaryKeyConstraint('id', name='posts_pkey')
+    )
+    # ### end Alembic commands ###
@@ -1,3 +1,4 @@
+from enum import unique
 import uuid
 from .database import Base
 from sqlalchemy import TIMESTAMP, Column, String, Boolean, text
@@ -13,6 +14,7 @@ class User(Base):
     password = Column(String, nullable=False)
     photo = Column(String, nullable=True)
     verified = Column(Boolean, nullable=False, server_default='False')
+    verification_code = Column(String, nullable=True, unique=True)
     role = Column(String, server_default='user', nullable=False)
     created_at = Column(TIMESTAMP(timezone=True),
                         nullable=False, server_default=text("now()"))
 
@@ -1,10 +1,8 @@
 import base64
-from datetime import datetime, timedelta
 from typing import List
 from fastapi import Depends, HTTPException, status
 from fastapi_jwt_auth import AuthJWT
 from pydantic import BaseModel
-from jose import jwt, JWTError
 
 from . import models
 from .database import get_db
@@ -65,28 +63,3 @@ def require_user(db: Session = Depends(get_db), Authorize: AuthJWT = Depends()):
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED, detail='Token is invalid or has expired')
     return user_id
-
-
-def create_verification_token(user_id: str):
-    expires = datetime.utcnow() + timedelta(minutes=30)
-    payload = {'user_id': user_id, 'exp': expires}
-    return jwt.encode(payload, settings.VERIFICATION_SECRET, algorithm='HS256')
-
-
-def verify_email_token(token: str):
-    try:
-        decoded = jwt.decode(
-            token, settings.VERIFICATION_SECRET, algorithms=['HS256'])
-        user_id = decoded.get('user_id')
-        if not user_id:
-            raise HTTPException(
-                status_code=status.HTTP_400_BAD_REQUEST, detail='Could not verify user')
-    except JWTError as e:
-        error = e.__class__.__name__
-        print(error)
-        if error == 'ExpiredSignatureError':
-            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
-                                detail='Token is invalid or has expired')
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST, detail='Could not verify user')
-    return user_id
@@ -1,4 +1,6 @@
 from datetime import timedelta
+import hashlib
+from random import randbytes
 from fastapi import APIRouter, Request, Response, status, Depends, HTTPException
 from pydantic import EmailStr
 
@@ -19,8 +21,9 @@
 @router.post('/register', status_code=status.HTTP_201_CREATED)
 async def create_user(payload: schemas.CreateUserSchema, request: Request, db: Session = Depends(get_db)):
     # Check if user already exist
-    user = db.query(models.User).filter(
-        models.User.email == EmailStr(payload.email.lower())).first()
+    user_query = db.query(models.User).filter(
+        models.User.email == EmailStr(payload.email.lower()))
+    user = user_query.first()
     if user:
         raise HTTPException(status_code=status.HTTP_409_CONFLICT,
                             detail='Account already exist')
@@ -40,11 +43,21 @@ async def create_user(payload: schemas.CreateUserSchema, request: Request, db: S
     db.refresh(new_user)
 
     try:
-        token = oauth2.create_verification_token(str(new_user.id))
-        url = f"{request.url.scheme}://{request.client.host}:{request.url.port}/api/auth/verifyemail/{token}"
+        # Send Verification Email
+        token = randbytes(10)
+        hashedCode = hashlib.sha256()
+        hashedCode.update(token)
+        verification_code = hashedCode.hexdigest()
+        user_query.update(
+            {'verification_code': verification_code}, synchronize_session=False)
+        db.commit()
+        url = f"{request.url.scheme}://{request.client.host}:{request.url.port}/api/auth/verifyemail/{token.hex()}"
         await Email(new_user, url, [payload.email]).sendVerificationCode()
     except Exception as error:
         print('Error', error)
+        user_query.update(
+            {'verification_code': None}, synchronize_session=False)
+        db.commit()
         raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_E
CE44
RROR,
                             detail='There was an error sending email')
     return {'status': 'success', 'message': 'Verification token successfully sent to your email'}
@@ -129,13 +142,18 @@ def logout(response: Response, Authorize: AuthJWT = Depends(), user_id: str = De
 
 @router.get('/verifyemail/{token}')
 def verify_me(token: str, db: Session = Depends(get_db)):
-    id = oauth2.verify_email_token(token)
-    user_query = db.query(models.User).filter(models.User.id == id)
+    hashedCode = hashlib.sha256()
+    hashedCode.update(bytes.fromhex(token))
+    verification_code = hashedCode.hexdigest()
+    user_query = db.query(models.User).filter(
+        models.User.verification_code == verification_code)
+    db.commit()
     user = user_query.first()
     if not user:
         raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND, detail='User no longer exist')
-    user_query.update({'verified': True}, synchronize_session=False)
+            status_code=status.HTTP_403_FORBIDDEN, detail='Email can only be verified once')
+    user_query.update(
+        {'verified': True, 'verification_code': None}, synchronize_session=False)
     db.commit()
     return {
         "status": "success",