profitroll/PhotosAPI
profitroll/PhotosAPI
1
0
Fork 0
Code Issues 4 Pull Requests Releases 7 Wiki Activity

Email confirmations added

Browse Source
This commit is contained in:
Profitroll 2023-01-07 21:48:43 +01:00
parent 6df2d274b1
commit 31d42f3ce7
4 changed files with 126 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
config_example.json
View File

@ -11,6 +11,30 @@
"key_invalid": "Invalid API key", "key_invalid": "Invalid API key",
"key_valid": "Valid API key", "key_valid": "Valid API key",
"bad_request": "Bad request. Read the docs at photos.end-play.xyz/docs", "bad_request": "Bad request. Read the docs at photos.end-play.xyz/docs",
"ip_blacklisted": "Your IP is blacklisted. Make sure you are using correct API address." "ip_blacklisted": "Your IP is blacklisted. Make sure you are using correct API address.",
"credentials_invalid": "Incorrect user or password",
"user_already_exists": "User with this username already exists.",
"email_confirmed": "Email confirmed. You can now log in.",
"email_code_invalid": "Confirmation code is invalid."
},
"external_address": "localhost",
"registration_enabled": true,
"registration_requires_confirmation": true,
"mailer": {
"smtp": {
"host": "",
"port": 0,
"sender": "",
"login": "",
"password": "",
"use_ssl": true,
"use_tls": false
},
"messages": {
"registration_confirmation": {
"subject": "Email confirmation",
"message": "To confirm your email please follow this link: {0}"
}
}
} }
} }

78
extensions/security.py
View File

@ -1,9 +1,16 @@
from datetime import timedelta from datetime import datetime, timedelta
from modules.database import col_users from modules.database import col_users, col_albums, col_photos, col_emails, col_videos, col_emails, col_tokens
from modules.app import app from modules.app import app
from modules.utils import configGet, logWrite
from modules.scheduler import scheduler
from modules.mailer import mail_sender
from fastapi import Depends, HTTPException, Response from uuid import uuid1
from starlette.status import HTTP_204_NO_CONTENT from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from fastapi import Depends, HTTPException
from fastapi.responses import Response, UJSONResponse
from starlette.status import HTTP_204_NO_CONTENT, HTTP_400_BAD_REQUEST, HTTP_406_NOT_ACCEPTABLE
from fastapi.security import ( from fastapi.security import (
OAuth2PasswordRequestForm, OAuth2PasswordRequestForm,
) )
@ -15,15 +22,30 @@ from modules.security import (
authenticate_user, authenticate_user,
create_access_token, create_access_token,
get_current_active_user, get_current_active_user,
get_password_hash get_password_hash,
get_user,
verify_password
) )
async def send_confirmation(user: str, email: str):
confirmation_code = str(uuid1())
try:
mail_sender.sendmail(
from_addr=configGet("sender", "mailer", "smtp"),
to_addrs=email,
msg=f'From: {configGet("sender", "mailer", "smtp")}\nSubject: Email confirmation\n\n'+configGet("message", "mailer", "messages", "registration_confirmation").format(configGet("external_address")+f"/users/{user}/confirm?code={confirmation_code}")
)
col_emails.insert_one( {"user": user, "email": email, "used": False, "code": confirmation_code} )
except Exception as exp:
logWrite(f"Could not send confirmation email to '{email}' due to: {exp}")
@app.post("/token", response_model=Token) @app.post("/token", response_model=Token)
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()): async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
user = authenticate_user(form_data.username, form_data.password) user = authenticate_user(form_data.username, form_data.password)
if not user: if not user:
raise HTTPException(status_code=400, detail="Incorrect user or password") raise HTTPException(status_code=400, detail=configGet("credentials_invalid", "messages"))
access_token_expires = timedelta(days=ACCESS_TOKEN_EXPIRE_DAYS) access_token_expires = timedelta(days=ACCESS_TOKEN_EXPIRE_DAYS)
access_token = create_access_token( access_token = create_access_token(
data={"sub": user.user, "scopes": form_data.scopes}, data={"sub": user.user, "scopes": form_data.scopes},
@ -37,19 +59,37 @@ async def read_users_me(current_user: User = Depends(get_current_active_user)):
return current_user return current_user
@app.post("/users", response_class=Response) if configGet("registration_requires_confirmation") is True:
async def create_users(user: str, email: str, password: str): @app.get("/users/{user}/confirm")
col_users.insert_one( {"user": user, "email": email, "hash": get_password_hash(password), "disabled": True} ) @app.patch("/users/{user}/confirm")
async def confirm_users(user: str, code: str):
confirm_record = col_emails.find_one( {"user": user, "code": code, "used": False} )
if confirm_record is None:
return HTTPException(HTTP_400_BAD_REQUEST, detail=configGet("email_code_invalid", "messages"))
col_emails.find_one_and_update( {"_id": confirm_record["_id"]}, {"$set": {"used": True}} )
col_users.find_one_and_update( {"user": confirm_record["user"]}, {"$set": {"disabled": False}} )
return UJSONResponse( {"detail": configGet("email_confirmed", "messages")} )
if configGet("registration_enabled") is True:
@app.post("/users")
async def create_users(user: str, email: str, password: str):
if col_users.find_one( {"user": user} ) is not None:
return HTTPException(HTTP_406_NOT_ACCEPTABLE, detail=configGet("user_already_exists", "messages"))
col_users.insert_one( {"user": user, "email": email, "hash": get_password_hash(password), "disabled": configGet("registration_requires_confirmation")} )
if configGet("registration_requires_confirmation") is True:
scheduler.add_job( send_confirmation, trigger="date", run_date=datetime.now()+timedelta(seconds=1), kwargs={"user": user, "email": email} )
return Response(status_code=HTTP_204_NO_CONTENT) return Response(status_code=HTTP_204_NO_CONTENT)
# @app.get("/users/me/items/") @app.delete("/users/me/")
# async def read_own_items( async def delete_users(password: str, current_user: User = Depends(get_current_active_user)):
# current_user: User = Security(get_current_active_user, scopes=["items"]) user = get_user(current_user.user)
# ): if not user:
# return [{"item_id": "Foo", "owner": current_user.user}] return False
if not verify_password(password, user.hash):
return HTTPException(HTTP_400_BAD_REQUEST, detail=configGet("credentials_invalid", "messages"))
# @app.get("/status/") col_users.delete_many( {"user": current_user.user} )
# async def read_system_status(current_user: User = Depends(get_current_user)): col_emails.delete_many( {"user": current_user.user} )
# return {"status": "ok"} col_photos.delete_many( {"user": current_user.user} )
col_videos.delete_many( {"user": current_user.user} )
col_albums.delete_many( {"user": current_user.user} )

3
modules/database.py
View File

@ -24,7 +24,7 @@ db = db_client.get_database(name=db_config["name"])
collections = db.list_collection_names() collections = db.list_collection_names()
for collection in ["users", "albums", "photos", "videos", "tokens"]: for collection in ["users", "albums", "photos", "videos", "tokens", "emails"]:
if not collection in collections: if not collection in collections:
db.create_collection(collection) db.create_collection(collection)
@ -33,5 +33,6 @@ col_albums = db.get_collection("albums")
col_photos = db.get_collection("photos") col_photos = db.get_collection("photos")
col_videos = db.get_collection("videos") col_videos = db.get_collection("videos")
col_tokens = db.get_collection("tokens") col_tokens = db.get_collection("tokens")
col_emails = db.get_collection("emails")
col_photos.create_index([("location", GEOSPHERE)]) col_photos.create_index([("location", GEOSPHERE)])

39
modules/mailer.py Normal file
View File

@ -0,0 +1,39 @@
from smtplib import SMTP, SMTP_SSL
from traceback import print_exc
from ssl import create_default_context
from modules.utils import configGet, logWrite
try:
if configGet("use_ssl", "mailer", "smtp") is True:
mail_sender = SMTP_SSL(
configGet("host", "mailer", "smtp"),
configGet("port", "mailer", "smtp"),
)
logWrite(f"Initialized SMTP SSL connection")
elif configGet("use_tls", "mailer", "smtp") is True:
mail_sender = SMTP(
configGet("host", "mailer", "smtp"),
configGet("port", "mailer", "smtp"),
)
mail_sender.starttls(context=create_default_context())
mail_sender.ehlo()
logWrite(f"Initialized SMTP TLS connection")
else:
mail_sender = SMTP(
configGet("host", "mailer", "smtp"),
configGet("port", "mailer", "smtp")
)
mail_sender.ehlo()
logWrite(f"Initialized SMTP connection")
except Exception as exp:
logWrite(f"Could not initialize SMTP connection to: {exp}")
print_exc()
try:
mail_sender.login(
configGet("login", "mailer", "smtp"),
configGet("password", "mailer", "smtp")
)
logWrite(f"Successfully initialized mailer")
except Exception as exp:
logWrite(f"Could not login into provided SMTP account due to: {exp}")