linuxrouter/docker/routlin-dash/app/pages/accountverifyemail/action.py

from pathlib import Path
from flask import Blueprint, request, session, redirect, flash
import time, secrets
import auth
import config_utils
import settings

_PAGE = Path(__file__).parent.name

bp = Blueprint(_PAGE, __name__)


@bp.route('/action/accountverifyemail/email_verify', methods=['POST'])
@auth.require_level('nothing')
def email_verify():
    if session.get('access_level', 'nothing') != 'nothing':
        return redirect('/overview')

    pending_email = session.get('pending_verify_email', '').lower()
    if not pending_email:
        flash('No pending account creation found. Please start over.', 'error')
        return redirect('/accountcreate')

    try:
        con  = config_utils.open_accounts_db()
        row  = con.execute(
            'SELECT * FROM pending_verifications WHERE email=?', (pending_email,)
        ).fetchone()
        con.close()
    except Exception:
        row = None

    if not row:
        flash('No pending account creation found. Please start over.', 'error')
        return redirect('/accountcreate')

    if int(time.time()) > row['expires_ts']:
        try:
            con = config_utils.open_accounts_db()
            con.execute('DELETE FROM pending_verifications WHERE email=?', (pending_email,))
            con.commit()
            con.close()
        except Exception:
            pass
        session.pop('pending_verify_email', None)
        flash('Verification code has expired. Please start over.', 'error')
        return redirect('/accountcreate')

    submitted = request.form.get('code', '').strip()
    if submitted != row['code']:
        flash('Incorrect verification code.', 'error')
        return redirect(f'/{_PAGE}')

    account = config_utils.get_account_by_email(pending_email)
    if account is None:
        session.pop('pending_verify_email', None)
        flash('Account no longer exists. Contact your manager.', 'error')
        return redirect('/accountcreate')

    if account.get('hashed_password'):
        session.pop('pending_verify_email', None)
        flash('This account is already set up. Please log in.', 'error')
        return redirect('/accountlogin')

    now = int(time.time())
    try:
        con = config_utils.open_accounts_db()
        con.execute(
            'UPDATE accounts SET hashed_password=?, created_ts=?, created_by=? WHERE account_id=?',
            (row['hashed_password'], now, 'self', account['account_id'])
        )
        con.execute('DELETE FROM pending_verifications WHERE email=?', (pending_email,))
        con.commit()
        con.close()
    except Exception as exc:
        flash(f'Could not complete account setup: {exc}', 'error')
        return redirect(f'/{_PAGE}')

    session.pop('pending_verify_email', None)
    session['account_id']                = account['account_id']
    session['tz_offset_seconds']         = int(row['tz_offset_seconds'])
    session['apply_changes_immediately'] = False
    session.permanent                    = True

    return redirect('/overview')


@bp.route('/action/accountverifyemail/email_resend')
@auth.require_level('nothing')
def email_resend():
    if session.get('access_level', 'nothing') != 'nothing':
        return redirect('/overview')

    from pages.accountcreate.action import _send_verification_email, CODE_TTL_SECS

    pending_email = session.get('pending_verify_email', '').lower()
    if not pending_email:
        flash('No pending account creation found. Please start over.', 'error')
        return redirect('/accountcreate')

    code       = f'{secrets.randbelow(1000000):06d}'
    expires_ts = int(time.time()) + CODE_TTL_SECS

    try:
        _send_verification_email(pending_email, code)
    except Exception as exc:
        flash(f'Could not resend verification email: {exc}', 'error')
        return redirect(f'/{_PAGE}')

    try:
        con = config_utils.open_accounts_db()
        con.execute(
            'UPDATE pending_verifications SET code=?, expires_ts=? WHERE email=?',
            (code, expires_ts, pending_email)
        )
        con.commit()
        con.close()
    except Exception:
        pass

    flash('A new verification code has been sent.', 'success')
    return redirect(f'/{_PAGE}')
Development 2026-05-27 22:04:04 -04:00			`from pathlib import Path`
Flask app progress 2026-05-17 03:26:01 -04:00			`from flask import Blueprint, request, session, redirect, flash`
Development 2026-06-10 14:23:47 -04:00			`import time, secrets`
Development 2026-06-07 00:21:08 -04:00			`import auth`
			`import config_utils`
Development 2026-06-10 14:23:47 -04:00			`import settings`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-27 22:04:04 -04:00			`_PAGE = Path(__file__).parent.name`

			`bp = Blueprint(_PAGE, __name__)`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/accountverifyemail/email_verify', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('nothing')`
Development 2026-05-27 22:04:04 -04:00			`def email_verify():`
Flask app progress 2026-05-17 03:26:01 -04:00			`if session.get('access_level', 'nothing') != 'nothing':`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/overview')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`pending_email = session.get('pending_verify_email', '').lower()`
			`if not pending_email:`
			`flash('No pending account creation found. Please start over.', 'error')`
			`return redirect('/accountcreate')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`try:`
			`con = config_utils.open_accounts_db()`
			`row = con.execute(`
			`'SELECT * FROM pending_verifications WHERE email=?', (pending_email,)`
			`).fetchone()`
			`con.close()`
			`except Exception:`
			`row = None`

			`if not row:`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('No pending account creation found. Please start over.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountcreate')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`if int(time.time()) > row['expires_ts']:`
			`try:`
			`con = config_utils.open_accounts_db()`
			`con.execute('DELETE FROM pending_verifications WHERE email=?', (pending_email,))`
			`con.commit()`
			`con.close()`
			`except Exception:`
			`pass`
			`session.pop('pending_verify_email', None)`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('Verification code has expired. Please start over.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountcreate')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`submitted = request.form.get('code', '').strip()`
Development 2026-06-10 14:23:47 -04:00			`if submitted != row['code']:`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('Incorrect verification code.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`account = config_utils.get_account_by_email(pending_email)`
Flask app progress 2026-05-17 03:26:01 -04:00			`if account is None:`
Development 2026-06-10 14:23:47 -04:00			`session.pop('pending_verify_email', None)`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('Account no longer exists. Contact your manager.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountcreate')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`if account.get('hashed_password'):`
Development 2026-06-10 14:23:47 -04:00			`session.pop('pending_verify_email', None)`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('This account is already set up. Please log in.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountlogin')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`now = int(time.time())`
			`try:`
			`con = config_utils.open_accounts_db()`
			`con.execute(`
			`'UPDATE accounts SET hashed_password=?, created_ts=?, created_by=? WHERE account_id=?',`
			`(row['hashed_password'], now, 'self', account['account_id'])`
			`)`
			`con.execute('DELETE FROM pending_verifications WHERE email=?', (pending_email,))`
			`con.commit()`
			`con.close()`
			`except Exception as exc:`
			`flash(f'Could not complete account setup: {exc}', 'error')`
			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`session.pop('pending_verify_email', None)`
			`session['account_id'] = account['account_id']`
			`session['tz_offset_seconds'] = int(row['tz_offset_seconds'])`
			`session['apply_changes_immediately'] = False`
			`session.permanent = True`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-27 22:04:04 -04:00			`return redirect('/overview')`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/accountverifyemail/email_resend')`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('nothing')`
Development 2026-05-27 22:04:04 -04:00			`def email_resend():`
Flask app progress 2026-05-17 03:26:01 -04:00			`if session.get('access_level', 'nothing') != 'nothing':`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/overview')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`from pages.accountcreate.action import _send_verification_email, CODE_TTL_SECS`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`pending_email = session.get('pending_verify_email', '').lower()`
			`if not pending_email:`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('No pending account creation found. Please start over.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect('/accountcreate')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`code = f'{secrets.randbelow(1000000):06d}'`
			`expires_ts = int(time.time()) + CODE_TTL_SECS`
Flask app progress 2026-05-17 03:26:01 -04:00
			`try:`
Development 2026-06-10 14:23:47 -04:00			`_send_verification_email(pending_email, code)`
Flask app progress 2026-05-17 03:26:01 -04:00			`except Exception as exc:`
			`flash(f'Could not resend verification email: {exc}', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-10 14:23:47 -04:00			`try:`
			`con = config_utils.open_accounts_db()`
			`con.execute(`
			`'UPDATE pending_verifications SET code=?, expires_ts=? WHERE email=?',`
			`(code, expires_ts, pending_email)`
			`)`
			`con.commit()`
			`con.close()`
			`except Exception:`
			`pass`
Flask app progress 2026-05-17 03:26:01 -04:00
			`flash('A new verification code has been sent.', 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`