implement email verification in db

2024-11-25 08:38:59 +00:00 · 2019-09-10 11:17:06 +10:00 · 2019-09-10 11:17:06 +10:00 · d7f15601d5
commit d7f15601d5
parent 49ddde2b9f
2 changed files with 13 additions and 1 deletions
--- a/setup.sql
+++ b/setup.sql
@ -3,6 +3,7 @@ CREATE TABLE IF NOT EXISTS `users` (
  `id` INT AUTO_INCREMENT PRIMARY KEY,
  `email` VARCHAR(128) UNIQUE NOT NULL,
  `password` BINARY(60) NOT NULL,
  `email_verified` BOOLEAN DEFAULT 0,
  `fetch` ENUM('always', 'once', 'never') DEFAULT 'once',
  `submit` ENUM('always', 'once', 'never') DEFAULT 'once',
  `generation` ENUM('always', 'once', 'never') DEFAULT 'once',
--- a/webui.py
+++ b/webui.py
@ -106,9 +106,20 @@ def settings():
 			pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(12))
 			c.execute("UPDATE users SET password = %s WHERE id = %s", (pw, session['user_id']))
 		# don't require email verification again if the new email address is the same as the old one
 		c.execute("SELECT email_verified FROM users WHERE id = %s", (session['user_id'],))
 		if c.fetchone()[0]:
 			c.execute("SELECT email FROM users WHERE id = %s", (session['user_id'],))
 			previous_email = c.fetchone()[0]
 			email_verified = (previous_email == request.form['email'])
 		else:
 			email_verified = False
 		try:
-			c.execute("UPDATE users SET email = %s, `fetch` = %s, submit = %s, generation = %s, reply = %s WHERE id = %s", (
+			c.execute("UPDATE users SET email = %s, email_verified = %s, `fetch` = %s, submit = %s, generation = %s, reply = %s WHERE id = %s", (
 				request.form['email'],
 				email_verified,
 				request.form['fetch-error'],
 				request.form['submit-error'],
 				request.form['generation-error'],