api/routes/auth/confirm.py
Edwin Eames 6c35393f1f feat(auth): require email confirmation for new accounts
Updates the user registration and new account creation endpoints to require email confirmation.

- Sets the 'confirmed' flag to 'false' by default for all new user accounts.
- Generates a unique confirmation token for each new user.
- Logs the confirmation link to the console for development purposes.

This change ensures that users cannot log in without first verifying their email address, enhancing account security.
2026-01-18 16:28:33 -05:00


from fastapi import APIRouter, Depends, HTTPException
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy import select
from database import get_db
from models import Account_User
from datetime import datetime, timezone
# Router that carries the e-mail confirmation endpoint defined below.
# NOTE(review): presumably included into the main application elsewhere — not visible in this file.
router = APIRouter()
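@router.get("/confirm-email")
async def confirm_email(token: str, db: AsyncSession = Depends(get_db)):
    """Mark the account that owns ``token`` as confirmed.

    Args:
        token: Confirmation token taken from the ``token`` query parameter.
        db: Async database session injected through ``get_db``.

    Returns:
        A dict with a ``message`` key: a success message, or a notice that
        the account was already confirmed.

    Raises:
        HTTPException: 400 when the token is empty or matches no account.
    """
    # NOTE(review): this is a state-changing GET, so anything that fetches the
    # link automatically (mail-gateway link scanners, client prefetch) confirms
    # the account without the user acting. Consider having the link open a page
    # that submits the token with POST.
    # NOTE(review): no expiry check is visible here and the token is kept after
    # use; confirm whether token lifetime is enforced elsewhere.

    # An empty or blank token must never reach the query: it would match any
    # row whose confirmation_token happens to be stored as an empty string.
    if not token.strip():
        raise HTTPException(status_code=400, detail="Invalid token")

    lookup = select(Account_User).where(Account_User.confirmation_token == token)
    user = (await db.execute(lookup)).scalar_one_or_none()
    if user is None:
        # Same response as for an empty token, so the two cases are not
        # distinguishable to the caller.
        raise HTTPException(status_code=400, detail="Invalid token")

    # Repeat visits with a used token are answered without touching the row,
    # so confirmed_at keeps the time of the first confirmation.
    if user.confirmed:
        return {"message": "Account already confirmed"}

    user.confirmed = 1
    # Timezone-aware UTC timestamp of the confirmation.
    user.confirmed_at = datetime.now(timezone.utc)
    await db.commit()
    return {"message": "Email confirmed successfully"}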