From d104227a75436f90c247779d8460bbe4eb909a58 Mon Sep 17 00:00:00 2001
From: pstruebi
Date: Tue, 14 Jun 2022 13:55:26 +0200
Subject: [PATCH] working on confirmation

---
 app.py | 2 ++
 auth.py | 51 ++++++++++++++++++++++++++++++++++--
 email.py | 13 +++++++++
 schema.sql | 3 ++-
 templates/auth/activate.html | 4 +++
 templates/auth/register.html | 4 +--
 6 files changed, 72 insertions(+), 5 deletions(-)
 create mode 100644 email.py
 create mode 100644 templates/auth/activate.html

diff --git a/app.py b/app.py
index 89d9036..569cc02 100644
--- a/app.py
+++ b/app.py
@@ -10,6 +10,8 @@ import auth
 app = Flask(__name__)
 app.config['SECRET_KEY'] = '\xacI4\x077\x16?Q\xb4")\xdb\x066\x95\x11i\x0b\x0c&\xb6rP\''
+app.config['SECURITY_PASSWORD_SALT'] = '>\xe3\x9bz\xfd\xbc[\xe22\xcfK\xca\x88!\xd8\xd5,\xd0\x95\x0c\x02\xad\xfa\x9d'
+
 app.teardown_appcontext(db.close_db)
 app.cli.add_command(db.init_db_command)
 app.register_blueprint(auth.bp)
diff --git a/auth.py b/auth.py
index f0acc4f..80ca556 100644
--- a/auth.py
+++ b/auth.py
@@ -1,11 +1,15 @@
 import functools
+from django import db
 from flask import (
     Blueprint, flash, g, redirect, render_template, request, session, url_for
 )
 from werkzeug.security import check_password_hash, generate_password_hash
+from itsdangerous import URLSafeTimedSerializer
 from db import get_db
+from app import app
+
 bp = Blueprint('auth', __name__, url_prefix='/auth')
@@ -55,7 +59,7 @@ def login():
             'SELECT * FROM user WHERE email = ?', (email,)
         ).fetchone()
-        if email is None:
+        if user is None:
             error = 'Email existiert nicht.'
         elif not check_password_hash(user['password'], password):
             error = 'Incorrect password.'
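Review bot: Both `SECRET_KEY` and the new `SECURITY_PASSWORD_SALT` are literal byte strings committed to source, and together they are everything needed to mint a valid confirmation token for any email address (and to forge session cookies); load them from the environment, e.g. `app.config['SECURITY_PASSWORD_SALT'] = os.environ['SECURITY_PASSWORD_SALT']`, and rotate both values now that they are in git history. The name is also misleading: the `salt` argument of itsdangerous' serializer is a namespace separator for the signer, not a password salt, and it does not need to be secret — a constant such as `'email-confirm'` would do, with the real secret staying in `SECRET_KEY`. The rest of app.py, including where `mail`/`MAIL_DEFAULT_SENDER` would be configured, is outside this hunk.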
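Review bot: `from django import db` pulls Django into a Flask app and is never used — the only `db` the new code touches is the local `db = get_db()` in `confirm_email` — so drop it. `from app import app` also creates a circular import: app.py executes `import auth` before `app = Flask(__name__)` runs (the `import auth` shown as hunk context precedes the `app = ...` line), so when auth.py is first imported the `app` module is only partially initialised and `app.app` does not exist yet; read the config through `from flask import current_app` inside the helper functions instead, e.g. `URLSafeTimedSerializer(current_app.config['SECRET_KEY'])`.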
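Review bot: With the corrected `if user is None:` the login form still returns two distinguishable errors (`'Email existiert nicht.'` versus `'Incorrect password.'`), which lets anyone enumerate registered email addresses; collapse them into one message such as `error = 'Incorrect email or password.'` and, when `user` is None, still run `check_password_hash` against a dummy hash so response timing does not leak the same information. The enclosing `login()` body starts and ends outside this hunk.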
@@ -93,7 +97,50 @@ def login_required(view): # use this as decorator
     def wrapped_view(**kwargs):
         if g.user is None:
             return redirect(url_for('auth.login'))
+        elif not g.user["confirmed"]:
+            flash("Benutzer noch nicht freigeschaltet.")
+            return redirect(url_for('auth.login'))
         return view(**kwargs)
-    return wrapped_view
\ No newline at end of file
+    return wrapped_view
+
+
+def generate_confirmation_token(email):
+    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+    return serializer.dumps(email, salt=app.config['SECURITY_PASSWORD_SALT'])
+
+
+def confirm_token(token, expiration=3600):
+    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
+    try:
+        email = serializer.loads(
+            token,
+            salt=app.config['SECURITY_PASSWORD_SALT'],
+            # max_age=expiration
+        )
+    except:
+        return False
+    return email
+
+
+@bp.route('/confirm/')
+@login_required
+def confirm_email(token):
+    try:
+        email = confirm_token(token)
+    except:
+        flash('The confirmation link is invalid or has expired.', 'danger')
+
+    if g.user["confirmed"]:
+        flash('Account already confirmed. Please login.', 'success')
+    else:
+        db = get_db()
+        db.execute(
+            "UPDATE user SET confirmed = '1' where email = ?",
+            (email,)
+        )
+        db.commit()
+
+    flash('You have confirmed your account. Thanks!', 'success')
+    return redirect(url_for('main.home'))
\ No newline at end of file
diff --git a/email.py b/email.py
new file mode 100644
index 0000000..1e91cae
--- /dev/null
+++ b/email.py
@@ -0,0 +1,13 @@
+from flask.ext.mail import Message
+
+from app import app, mail
+
+
+def send_email(to, subject, template):
+    msg = Message(
+        subject,
+        recipients=[to],
+        html=template,
+        sender=app.config['MAIL_DEFAULT_SENDER']
+    )
+    mail.send(msg)
\ No newline at end of file
diff --git a/schema.sql b/schema.sql
index 6d08916..77e385e 100644
--- a/schema.sql
+++ b/schema.sql
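Review bot: An unconfirmed user can never reach `confirm_email`: the new `elif not g.user["confirmed"]` branch in `wrapped_view` redirects them back to login, and `confirm_email` is wrapped in that same `@login_required`, so the only people who can open the confirmation link are accounts that are already confirmed. The signed token is the authorisation here, so drop the decorator and key the update on the email recovered from the token alone; as written, `confirm_token` also never expires tokens (`max_age=expiration` is commented out, leaving `expiration` dead) and returns `False` on a bad signature, which `confirm_email` then feeds into the UPDATE while still flashing the success message, because its own `try/except` can never fire (`confirm_token` swallows everything with a bare `except:`). The rewrite below enforces `max_age`, catches `itsdangerous.BadSignature` (which `SignatureExpired` subclasses; import it next to `URLSafeTimedSerializer`) and returns early on failure. The route is shown as `'/confirm/'` with no `<token>` placeholder; if that was not merely stripped on render, the view would receive no `token` argument at all.
```python
def confirm_token(token, expiration=3600):
    """Return the email signed into *token*, or None if it is invalid or older than *expiration* seconds."""
    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
    try:
        return serializer.loads(
            token,
            salt=app.config['SECURITY_PASSWORD_SALT'],
            max_age=expiration,
        )
    except BadSignature:  # covers SignatureExpired as well
        return None


@bp.route('/confirm/<token>')
def confirm_email(token):
    """Mark the account named in a valid confirmation token as confirmed; the token itself is the authorisation."""
    email = confirm_token(token)
    if email is None:
        flash('The confirmation link is invalid or has expired.', 'danger')
        return redirect(url_for('auth.login'))
    db = get_db()
    db.execute(
        "UPDATE user SET confirmed = 1 WHERE email = ? AND confirmed = 0",
        (email,)
    )
    db.commit()
    flash('You have confirmed your account. Thanks!', 'success')
    return redirect(url_for('main.home'))
```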
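Review bot: Naming this new module `email.py` shadows the standard library's `email` package for everything imported from the project root, and mail libraries (Flask-Mail included) build their messages on that stdlib package, so `mail.send(msg)` is likely to fail with an import error or to pick up this file instead; rename it, e.g. to `mailer.py`. The `from flask.ext.mail import Message` path was removed from Flask years ago — use `from flask_mail import Message`. `mail` and `MAIL_DEFAULT_SENDER` are imported/read from `app`, but the app.py hunk in this commit shows neither a `Mail(app)` instance nor that config key; confirm they exist outside the diff, otherwise `send_email` raises at import time.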
@@ -4,5 +4,6 @@ CREATE TABLE user (
   id INTEGER PRIMARY KEY AUTOINCREMENT,
   username TEXT NOT NULL,
   email TEXT UNIQUE NOT NULL,
-  password TEXT NOT NULL
+  password TEXT NOT NULL,
+  confirmed BOOLEAN DEFAULT FALSE
 );
diff --git a/templates/auth/activate.html b/templates/auth/activate.html
new file mode 100644
index 0000000..3edebc2
--- /dev/null
+++ b/templates/auth/activate.html
@@ -0,0 +1,4 @@
+
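Review bot: `confirmed BOOLEAN DEFAULT FALSE` leaves the column nullable and, on SQLite (which the `?` placeholders and `AUTOINCREMENT` suggest), relies on the `FALSE` keyword only available from 3.23 onwards, while the auth code in this commit writes the string `'1'` and then tests the column's truthiness; declare it as `confirmed INTEGER NOT NULL DEFAULT 0` and write the integer `1` so the stored type is unambiguous. Note that because `init_db` recreates the schema, existing databases will need to be re-initialised (or an `ALTER TABLE user ADD COLUMN` run) for `g.user["confirmed"]` to exist at all.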

Welcome! Thanks for signing up. Please follow this link to activate your account:

+

{{ confirm_url }}

+
+

Cheers!

\ No newline at end of file diff --git a/templates/auth/register.html b/templates/auth/register.html index 75d9174..8b791c1 100644 --- a/templates/auth/register.html +++ b/templates/auth/register.html @@ -6,9 +6,9 @@ {% block content %}
- + - +