oib/at2-webapp-dicta2stream
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 2025-05-21_08:58:06

Browse Source
This commit is contained in:
oib
2025-05-21 08:58:07 +02:00
parent 1011f58d00
commit 39934115a1
28 changed files with 2166 additions and 672 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
magic.py
View File

@ -11,20 +11,24 @@ router = APIRouter()
@router.post("/magic-login")
def magic_login(request: Request, db: Session = Depends(get_db), token: str = Form(...)):
print(f"[magic-login] Received token: {token}")
user = db.exec(select(User).where(User.token == token)).first()
print(f"[magic-login] User lookup: {'found' if user else 'not found'}")
if not user:
print("[magic-login] Invalid or expired token")
return RedirectResponse(url="/?error=Invalid%20or%20expired%20token", status_code=302)
if user.confirmed:
return RedirectResponse(url="/?error=Token%20already%20used", status_code=302)
if datetime.utcnow() - user.token_created > timedelta(minutes=15):
if datetime.utcnow() - user.token_created > timedelta(minutes=30):
print(f"[magic-login] Token expired for user: {user.username}")
return RedirectResponse(url="/?error=Token%20expired", status_code=302)
user.confirmed = True
# record client IP on confirmation
user.ip = request.client.host
db.commit()
if not user.confirmed:
user.confirmed = True
user.ip = request.client.host
db.commit()
print(f"[magic-login] User {user.username} confirmed. Redirecting to /?login=success&confirmed_uid={user.username}")
else:
print(f"[magic-login] Token already used for user: {user.username}, but allowing multi-use login.")
return RedirectResponse(url=f"/?login=success&confirmed_uid={user.username}", status_code=302)