Development

docker/routlin-dash/app/pages/accountcreate/action.py

@@ -88,9 +88,8 @@ def form_create():
 
     salt   = bcrypt.gensalt()
     hashed = bcrypt.hashpw(password.encode('utf-8'), salt).decode('utf-8')
-    code   = f'{secrets.randbelow(1000000):06d}'
-    expires_ts = int(time.time()) + CODE_TTL_SECS
-    tz_offset  = _tz_to_offset_seconds(tz)
+    code      = f'{secrets.randbelow(1000000):06d}'
+    tz_offset = _tz_to_offset_seconds(tz)
 
     try:
         _send_verification_email(account['email_address'], code)
@@ -101,10 +100,16 @@ def form_create():
     try:
         con = config_utils.open_accounts_db()
         con.execute(
-            '''INSERT OR REPLACE INTO pending_verifications
-               (email, hashed_password, tz_offset_seconds, code, expires_ts)
-               VALUES (?,?,?,?,?)''',
-            (account['email_address'].lower(), hashed, tz_offset, code, expires_ts)
+            '''INSERT INTO clients
+               (cookie_unique_token, email, hashed_password, tz_offset_seconds, verification_code, code_sent_ts)
+               VALUES (?,?,?,?,?,?)
+               ON CONFLICT(cookie_unique_token) DO UPDATE SET
+                   email=excluded.email,
+                   hashed_password=excluded.hashed_password,
+                   tz_offset_seconds=excluded.tz_offset_seconds,
+                   verification_code=excluded.verification_code,
+                   code_sent_ts=excluded.code_sent_ts''',
+            (session.sid, account['email_address'].lower(), hashed, tz_offset, code, int(time.time()))
         )
         con.commit()
         con.close()
@@ -112,6 +117,4 @@ def form_create():
         flash(f'Could not store verification: {exc}', 'error')
         return redirect(f'/{_PAGE}')
 
-    session['pending_verify_email'] = account['email_address']
-
     return redirect('/accountverifyemail')