MAJOR: Restructured backend Flask application moved all non-routes into utils, renamed routes to not prefix get, created middleware.py to replace utils.py within blueprints

2025-02-08 14:35:46 +00:00
parent ae623eee0d
commit e6b8ad9b9e
16 changed files with 631 additions and 550 deletions
--- a/web_server/utils/auth.py
+++ b/web_server/utils/auth.py
@@ -0,0 +1,45 @@
+from database.database import Database
+from itsdangerous import URLSafeTimedSerializer, BadSignature, SignatureExpired
+from typing import Optional
+from dotenv import load_dotenv
+from os import getenv
+from werkzeug.security import generate_password_hash
+load_dotenv()
+
+serializer = URLSafeTimedSerializer(getenv("AUTH_SECRET_KEY"))
+def generate_token(email, salt_value) -> str:
+    """
+    Creates a token for password reset
+    """
+    token = serializer.dumps(email, salt=salt_value)
+    return token
+
+def verify_token(token: str, salt_value) -> Optional[str]:
+    """
+    Given a token, verifies and decodes it into an email
+    """
+    
+    try:
+        email = serializer.loads(token, salt=salt_value, max_age=3600)
+        return email
+    except SignatureExpired:
+        # Token expired
+        print("Token has expired", flush=True)
+        return None
+    except BadSignature:
+        # Invalid token
+        print("Token is invalid", flush=True)
+        return None
+
+def reset_password(new_password: str, email: str) -> bool:
+    """
+    Given email and new password reset the password for a given user
+    """
+    with Database() as db:
+        db.execute("""
+            UPDATE users 
+            SET password = ? 
+            WHERE email = ?
+        """, (generate_password_hash(new_password), email))
+    
+    return True