wpcodevo
diff --git a/‎.env
+7 b/‎.env
+7
diff --git a/‎app/config.py
+8 b/‎app/config.py
+8
diff --git a/‎app/email.py
+62 b/‎app/email.py
+62
diff --git a/‎app/oauth2.py
+27 b/‎app/oauth2.py
+27
diff --git a/‎app/routers/auth.py
+30-4 b/‎app/routers/auth.py
+30-4
@@ -11,6 +11,13 @@ JWT_ALGORITHM=RS256
 
 CLIENT_ORIGIN=http://localhost:3000
 
+VERIFICATION_SECRET=my-email-verification-secret
+
+EMAIL_HOST=smtp.mailtrap.io
+EMAIL_PORT=587
+EMAIL_USERNAME=4aeca0c9318dd2
+EMAIL_PASSWORD=a987a0e0eac00d
+EMAIL_FROM=admin@admin.com
 
 JWT_PRIVATE_KEY=LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlCT2dJQkFBSkJBSSs3QnZUS0FWdHVQYzEzbEFkVk94TlVmcWxzMm1SVmlQWlJyVFpjd3l4RVhVRGpNaFZuCi9KVHRsd3h2a281T0pBQ1k3dVE0T09wODdiM3NOU3ZNd2xNQ0F3RUFBUUpBYm5LaENOQ0dOSFZGaHJPQ0RCU0IKdmZ2ckRWUzVpZXAwd2h2SGlBUEdjeWV6bjd0U2RweUZ0NEU0QTNXT3VQOXhqenNjTFZyb1pzRmVMUWlqT1JhUwp3UUloQU84MWl2b21iVGhjRkltTFZPbU16Vk52TGxWTW02WE5iS3B4bGh4TlpUTmhBaUVBbWRISlpGM3haWFE0Cm15QnNCeEhLQ3JqOTF6bVFxU0E4bHUvT1ZNTDNSak1DSVFEbDJxOUdtN0lMbS85b0EyaCtXdnZabGxZUlJPR3oKT21lV2lEclR5MUxaUVFJZ2ZGYUlaUWxMU0tkWjJvdXF4MHdwOWVEejBEWklLVzVWaSt6czdMZHRDdUVDSUVGYwo3d21VZ3pPblpzbnU1clBsTDJjZldLTGhFbWwrUVFzOCtkMFBGdXlnCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0t
 JWT_PUBLIC_KEY=LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBSSs3QnZUS0FWdHVQYzEzbEFkVk94TlVmcWxzMm1SVgppUFpSclRaY3d5eEVYVURqTWhWbi9KVHRsd3h2a281T0pBQ1k3dVE0T09wODdiM3NOU3ZNd2xNQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQ==
@@ -17,6 +17,14 @@ class Settings(BaseSettings):
 
     CLIENT_ORIGIN: str
 
+    VERIFICATION_SECRET: str
+
+    EMAIL_HOST: str
+    EMAIL_PORT: int
+    EMAIL_USERNAME: str
+    EMAIL_PASSWORD: str
+    EMAIL_FROM: EmailStr
+
     class Config:
         env_file = './.env'
 
 
@@ -0,0 +1,62 @@
+from typing import List
+from fastapi_mail import FastMail, MessageSchema, ConnectionConfig
+from pydantic import EmailStr, BaseModel
+from . import models
+from .config import settings
+from jinja2 import Environment, select_autoescape, PackageLoader
+
+
+env = Environment(
+    loader=PackageLoader('app', 'templates'),
+    autoescape=select_autoescape(['html', 'xml'])
+)
+
+
+class EmailSchema(BaseModel):
+    email: List[EmailStr]
+
+
+class Email:
+    def __init__(self, user: models.User, url: str, email: List[EmailStr]):
+        self.name = user.name
+        self.sender = 'Codevo <admin@admin.com>'
+        self.email = email
+        self.url = url
+        pass
+
+    async def sendMail(self, subject, template):
+        # Define the config
+        conf = ConnectionConfig(
+            MAIL_USERNAME=settings.EMAIL_USERNAME,
+            MAIL_PASSWORD=settings.EMAIL_PASSWORD,
+            MAIL_FROM=settings.EMAIL_FROM,
+            MAIL_PORT=settings.EMAIL_PORT,
+            MAIL_SERVER=settings.EMAIL_HOST,
+            MAIL_TLS=True,
+            MAIL_SSL=False,
+            USE_CREDENTIALS=True,
+            VALIDATE_CERTS=True
+        )
+        # Generate the HTML template base on the template name
+        template = env.get_template(f'{template}.html')
+
+        html = template.render(
+            url=self.url,
+            first_name=self.name,
+            subject=subject
+        )
+
+        # Define the message options
+        message = MessageSchema(
+            subject=subject,
+            recipients=self.email,
+            body=html,
+            subtype="html"
+        )
+
+        # Send the email
+        fm = FastMail(conf)
+        await fm.send_message(message)
+
+    async def sendVerificationCode(self):
+        await self.sendMail('Your verification code (Valid for 10min)', 'verification')
@@ -1,8 +1,10 @@
 import base64
+from datetime import datetime, timedelta
 from typing import List
 from fastapi import Depends, HTTPException, status
 from fastapi_jwt_auth import AuthJWT
 from pydantic import BaseModel
+from jose import jwt, JWTError
 
 from . import models
 from .database import get_db
@@ -63,3 +65,28 @@ def require_user(db: Session = Depends(get_db), Authorize: AuthJWT = Depends()):
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED, detail='Token is invalid or has expired')
     return user_id
+
+
+def create_verification_token(user_id: str):
+    expires = datetime.utcnow() + timedelta(minutes=30)
+    payload = {'user_id': user_id, 'exp': expires}
+    return jwt.encode(payload, settings.VERIFICATION_SECRET, algorithm='HS256')
+
+
+def verify_email_token(token: str):
+    try:
+        decoded = jwt.decode(
+            token, settings.VERIFICATION_SECRET, algorithms=['HS256'])
+        user_id = decoded.get('user_id')
+        if not user_id:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST, detail='Could not verify user')
+    except JWTError as e:
+        error = e.__class__.__name__
+        print(error)
+        if error == 'ExpiredSignatureError':
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED,
+                                detail='Token is invalid or has expired')
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST, detail='Could not verify user')
+    return user_id
@@ -8,15 +8,16 @@
 from ..database import get_db
 from app.oauth2 import AuthJWT
 from ..config import settings
+from ..email import Email
 
 
 router = APIRouter()
 ACCESS_TOKEN_EXPIRES_IN = settings.ACCESS_TOKEN_EXPIRES_IN
 REFRESH_TOKEN_EXPIRES_IN = settings.REFRESH_TOKEN_EXPIRES_IN
 
 
-@router.post('/register', status_code=status.HTTP_201_CREATED, response_model=schemas.UserResponse)
-async def create_user(payload: schemas.CreateUserSchema, db: Session = Depends(get_db)):
+@router.post('/register', status_code=status.HTTP_201_CREATED)
+async def create_user(payload: schemas.CreateUserSchema, request: Request, db: Session = Depends(get_db)):
     # Check if user already exist
     user = db.query(models.User).filter(
         models.User.email == EmailStr(payload.email.lower())).first()
@@ -31,13 +32,22 @@ async def create_user(payload: schemas.CreateUserSchema, db: Session = Depends(g
     payload.password = utils.hash_password(payload.password)
     del payload.passwordConfirm
     payload.role = 'user'
-    payload.verified = True
+    payload.verified = False
     payload.email = EmailStr(payload.email.lower())
     new_user = models.User(**payload.dict())
     db.add(new_user)
     db.commit()
     db.refresh(new_user)
-    return new_user
+
+    try:
+        token = oauth2.create_verification_token(str(new_user.id))
+        url = f"{request.url.scheme}://{request.client.host}:{request.url.port}/api/auth/verifyemail/{token}"
+        await Email(new_user, url, [payload.email]).sendVerificationCode()
+    except Exception as error:
+        print('Error', error)
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                            detail='There was an error sending email')
+    return {'status': 'success', 'message': 'Verification token successfully sent to your email'}
 
 
 @router.post('/login')
@@ -115,3 +125,19 @@ def logout(response: Response, Authorize: AuthJWT = Depends(), user_id: str = De
     response.set_cookie('logged_in', '', -1)
 
     return {'status': 'success'}
+
+
+@router.get('/verifyemail/{token}')
+def verify_me(token: str, db: Session = Depends(get_db)):
+    id = oauth2.verify_email_token(token)
+    user_query = db.query(models.User).filter(models.User.id == id)
+    user = user_query.first()
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail='User no longer exist')
+    user_query.update({'verified': True}, synchronize_session=False)
+    db.commit()
+    return {
+        "status": "success",
+        "message": "Account verified successfully"
+    }