mirror of
https://github.com/Lynnesbian/FediBooks/
synced 2024-11-25 08:38:59 +00:00
implement email verification in db
This commit is contained in:
parent
49ddde2b9f
commit
d7f15601d5
2 changed files with 13 additions and 1 deletions
|
@ -3,6 +3,7 @@ CREATE TABLE IF NOT EXISTS `users` (
|
||||||
`id` INT AUTO_INCREMENT PRIMARY KEY,
|
`id` INT AUTO_INCREMENT PRIMARY KEY,
|
||||||
`email` VARCHAR(128) UNIQUE NOT NULL,
|
`email` VARCHAR(128) UNIQUE NOT NULL,
|
||||||
`password` BINARY(60) NOT NULL,
|
`password` BINARY(60) NOT NULL,
|
||||||
|
`email_verified` BOOLEAN DEFAULT 0,
|
||||||
`fetch` ENUM('always', 'once', 'never') DEFAULT 'once',
|
`fetch` ENUM('always', 'once', 'never') DEFAULT 'once',
|
||||||
`submit` ENUM('always', 'once', 'never') DEFAULT 'once',
|
`submit` ENUM('always', 'once', 'never') DEFAULT 'once',
|
||||||
`generation` ENUM('always', 'once', 'never') DEFAULT 'once',
|
`generation` ENUM('always', 'once', 'never') DEFAULT 'once',
|
||||||
|
|
13
webui.py
13
webui.py
|
@ -105,10 +105,21 @@ def settings():
|
||||||
pw_hashed = hashlib.sha256(request.form['password'].encode('utf-8')).digest()
|
pw_hashed = hashlib.sha256(request.form['password'].encode('utf-8')).digest()
|
||||||
pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(12))
|
pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(12))
|
||||||
c.execute("UPDATE users SET password = %s WHERE id = %s", (pw, session['user_id']))
|
c.execute("UPDATE users SET password = %s WHERE id = %s", (pw, session['user_id']))
|
||||||
|
|
||||||
|
# don't require email verification again if the new email address is the same as the old one
|
||||||
|
c.execute("SELECT email_verified FROM users WHERE id = %s", (session['user_id'],))
|
||||||
|
if c.fetchone()[0]:
|
||||||
|
c.execute("SELECT email FROM users WHERE id = %s", (session['user_id'],))
|
||||||
|
previous_email = c.fetchone()[0]
|
||||||
|
|
||||||
|
email_verified = (previous_email == request.form['email'])
|
||||||
|
else:
|
||||||
|
email_verified = False
|
||||||
|
|
||||||
try:
|
try:
|
||||||
c.execute("UPDATE users SET email = %s, `fetch` = %s, submit = %s, generation = %s, reply = %s WHERE id = %s", (
|
c.execute("UPDATE users SET email = %s, email_verified = %s, `fetch` = %s, submit = %s, generation = %s, reply = %s WHERE id = %s", (
|
||||||
request.form['email'],
|
request.form['email'],
|
||||||
|
email_verified,
|
||||||
request.form['fetch-error'],
|
request.form['fetch-error'],
|
||||||
request.form['submit-error'],
|
request.form['submit-error'],
|
||||||
request.form['generation-error'],
|
request.form['generation-error'],
|
||||||
|
|
Loading…
Reference in a new issue