
# magic.py — handle magic token login confirmation
from datetime import datetime, timedelta
from urllib.parse import quote

from fastapi import APIRouter, Form, HTTPException, Depends, Request
from fastapi.responses import RedirectResponse
from sqlmodel import Session, select

from database import get_db
from models import User
# Router for this module's endpoints; the /magic-login handler below is registered on it.
router = APIRouter()
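@router.post("/magic-login")
def magic_login(request: Request, db: Session = Depends(get_db), token: str = Form(...)):
    """Confirm a magic-link login token submitted as a form field.

    Looks up the user whose stored token equals ``token`` and, if the token
    is unused and at most 15 minutes old, marks the user as confirmed and
    records the client address.

    Args:
        request: Incoming request; used only to read the client address.
        db: Database session provided by ``get_db``.
        token: Magic token from the POSTed form.

    Returns:
        A 302 ``RedirectResponse`` to ``/`` carrying either an ``error``
        message or ``login=success`` plus the confirmed username.

    NOTE(review): this handler sets no cookie or session itself. If the page
    behind ``/`` treats ``confirmed_uid`` as proof of identity, that value is
    client-controlled and must not be trusted -- confirm how login state is
    actually established.
    """
    # A blank token is rejected before the lookup so it can never match a
    # row whose token column happens to be empty.
    if not token:
        return RedirectResponse(url="/?error=Invalid%20or%20expired%20token", status_code=302)

    user = db.exec(select(User).where(User.token == token)).first()
    if not user:
        return RedirectResponse(url="/?error=Invalid%20or%20expired%20token", status_code=302)

    # The confirmed flag is what makes the token single-use.
    if user.confirmed:
        return RedirectResponse(url="/?error=Token%20already%20used", status_code=302)

    # A token without a creation time cannot be shown to be fresh, so it is
    # treated as expired instead of raising on the subtraction.
    # NOTE(review): assumes token_created is stored as naive UTC, matching
    # datetime.utcnow() -- confirm against the model.
    issued_at = user.token_created
    if issued_at is None or datetime.utcnow() - issued_at > timedelta(minutes=15):
        return RedirectResponse(url="/?error=Token%20expired", status_code=302)

    user.confirmed = True
    # record client IP on confirmation
    # request.client is None when the server supplies no peer address; skip
    # the write in that case rather than fail the whole confirmation.
    # NOTE(review): behind a reverse proxy this is the proxy's address unless
    # forwarded headers are handled upstream -- confirm the deployment.
    if request.client is not None:
        user.ip = request.client.host
    db.commit()

    # Percent-encode the username so characters such as '&', '#' or '=' in
    # it cannot add or alter query parameters in the redirect target.
    confirmed_uid = quote(str(user.username), safe="")
    return RedirectResponse(url=f"/?login=success&confirmed_uid={confirmed_uid}", status_code=302)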