feat(auth): require email confirmation for new accounts

Updates the user registration and new account creation endpoints to require email confirmation.

- Sets the 'confirmed' flag to 'false' by default for all new user accounts.
- Generates a unique confirmation token for each new user.
- Logs the confirmation link to the console for development purposes.

This change ensures that users cannot log in without first verifying their email address, enhancing account security.
2026-01-18 16:28:33 -05:00
parent a5a76743c7
commit 6c35393f1f
7 changed files with 92 additions and 14 deletions


@@ -16,6 +16,9 @@ class Account_User(Base):
last_seen = Column(TIMESTAMP(timezone=True), default=lambda: datetime.now(timezone.utc))
password_reset_token = Column(TEXT, nullable=True)
password_reset_expires = Column(TIMESTAMP(timezone=True), nullable=True)
confirmation_token = Column(TEXT, nullable=True)
confirmation_sent_at = Column(TIMESTAMP(timezone=True), nullable=True)
confirmed_at = Column(TIMESTAMP(timezone=True), nullable=True)
admin = Column(Integer)
admin_role = Column(Integer)
confirmed = Column(Integer)
@@ -35,6 +38,9 @@ class Account_User(Base):
confirmed,
active=1,
user_id=None,
confirmation_token=None,
confirmation_sent_at=None,
confirmed_at=None
):
self.username = username
self.account_number = account_number
@@ -48,6 +54,9 @@ class Account_User(Base):
self.confirmed = confirmed
self.active = active
self.user_id = user_id
self.confirmation_token = confirmation_token
self.confirmation_sent_at = confirmation_sent_at
self.confirmed_at = confirmed_at
def is_authenticated(self):
return True
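Review bot: The `confirmation_token` column in the first hunk stores the token as plain nullable `TEXT`, like `password_reset_token` beside it, so read access to the users table or a backup yields usable confirmation links. Consider persisting only a digest of the emailed token and comparing digests at confirmation time, with a column comment such as `# SHA-256 hex digest of the emailed token; set to NULL once confirmed_at is written`. The model now carries both `confirmed` (Integer) and `confirmed_at`, and nothing in these hunks keeps the two in step, so a comment stating which one the login check reads would prevent drift. `is_authenticated` in the last hunk returns `True` unconditionally, so the "cannot log in without verifying" guarantee from the description has to be enforced elsewhere; that code, the token generation, and any expiry measured from `confirmation_sent_at` are not visible here. The `Account_User` class and its `__init__` begin outside the hunks.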