diff --git a/web_server/blueprints/email.py b/web_server/blueprints/email.py index f8838c9..f18a12e 100644 --- a/web_server/blueprints/email.py +++ b/web_server/blueprints/email.py @@ -1,39 +1,33 @@ -from flask import Blueprint, session +from flask import Blueprint import smtplib from email.mime.text import MIMEText from os import getenv from random import randrange +from dotenv import load_dotenv +load_dotenv() email_bp = Blueprint("email", __name__) -@email_bp.route("/send_email", methods=["POST"]) -def send_email() -> None: +def send_email(user_email) -> None: """ Send a verification email to the user. """ # Setup the sender email details SMTP_SERVER = "smtp.gmail.com" SMTP_PORT = 587 - SMTP_EMAIL = "" - SMTP_PASSWORD = getenv() - - # Get the users email address - db = get_db() - user_email = db.fetchone(""" - SELECT email - FROM users - WHERE username = ?; - """, (session.get("username"),)) + SMTP_EMAIL = getenv("EMAIL") + SMTP_PASSWORD = getenv("EMAIL_PASSWORD") # Setup up the receiver details login_code = randrange(100000, 1000000) body = f"Here is your login code: {login_code}" # Make this better msg = MIMEText(body) - msg["Subject"] = "Your Gander Login Code" + msg["Subject"] = "Reset Gander Login" msg["From"] = SMTP_EMAIL msg["To"] = user_email + # Send the email using smtplib with smtplib.SMTP(SMTP_SERVER, SMTP_PORT) as smtp: try: diff --git a/web_server/blueprints/user.py b/web_server/blueprints/user.py index 116a4c5..d4b6960 100644 --- a/web_server/blueprints/user.py +++ b/web_server/blueprints/user.py @@ -1,6 +1,7 @@ from flask import Blueprint, jsonify, session from utils.user_utils import is_subscribed, is_following, subscription_expiration, verify_token, reset_password, get_user_id, unfollow from blueprints.utils import login_required +from utils.user_utils import get_email user_bp = Blueprint("user", __name__) @@ -57,12 +58,16 @@ def get_login_status(): username = session.get("username") return jsonify({'status': username is not None, 'username': username}) -@user_bp.route('/forgot_password', methods=['POST']) -def user_forgot_password(): +@user_bp.route('/forgot_password/', defaults={'email': None}, methods=['POST']) +@user_bp.route('/forgot_password/', methods=['POST']) +def user_forgot_password(email): """ Will send link to email to reset password by looking at the user_id within session to see whos password should be reset Creates a super random number to be used a the link to reset password I guess a random number generator seeded with a secret """ + user_id = session.get("user_id") + if user_id != None: + email = get_email(user_id) return @user_bp.route('/reset_password//') diff --git a/web_server/utils/user_utils.py b/web_server/utils/user_utils.py index b27b328..e6ba9c2 100644 --- a/web_server/utils/user_utils.py +++ b/web_server/utils/user_utils.py @@ -123,4 +123,14 @@ def reset_password(new_password: str, email: str) -> bool: WHERE email = ? """, (generate_password_hash(new_password), email)) - return True \ No newline at end of file + return True + +def get_email(user_id: int) -> Optional[str]: + with Database() as db: + email = db.fetchone(""" + SELECT email + FROM users + WHERE user_id = ? + """, (user_id,)) + + return email["email"] if email else None \ No newline at end of file