Add email verification on singup

TechdocsAPI/backend/__init__.py

@@ -3,6 +3,7 @@ from mysql.connector import errorcode
 
 from fastapi import FastAPI, status
 from fastapi.exceptions import HTTPException
+from fastapi.templating import Jinja2Templates
 
 from backend.utils import DBConnection
 from backend.core.ConfigEnv import config
@@ -11,6 +12,8 @@ from langchain.llms import Clarifai
 from langchain.chains import LLMChain
 from langchain.prompts import PromptTemplate 
 
+from fastapi_mail import ConnectionConfig, FastMail
+
 app = FastAPI(title="Techdocs",
               version="V0.0.1",
               description="API for automatic code documentation generation!"
@@ -43,6 +46,27 @@ try:
     app.state.llmchain = llmchain
 
 
+    conf = ConnectionConfig(
+        MAIL_USERNAME=config.MAIL_USERNAME,
+        MAIL_PASSWORD=config.MAIL_PASSWORD,
+        MAIL_FROM=config.MAIL_FROM,
+        MAIL_PORT=587,
+        MAIL_SERVER="smtp.gmail.com",
+        MAIL_STARTTLS=True,
+        MAIL_SSL_TLS=False,
+        TEMPLATE_FOLDER="backend/templates",
+        USE_CREDENTIALS = True,
+        VALIDATE_CERTS = True
+        
+        # MAIL_TLS=True,
+        # MAIL_SSL=False
+    )
+
+    app.state.mail_client = FastMail(conf)
+    app.state.templates = Jinja2Templates(directory="./backend/templates")
+
+
+
 except mysql.connector.Error as err:
     raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(err))    
 

TechdocsAPI/backend/core/ConfigEnv.py

@@ -13,12 +13,17 @@ class Settings(BaseSettings):
     ALGORITHM:str
     JWT_SECRET_KEY:str
     JWT_REFRESH_SECRET_KEY:str
+    JWT_VERIFICATION_SECRET_KEY:str
     # OPENAI_KEY:str
     APP_ID:str
     USER_ID:str
     MODEL_ID:str
     CLARIFAI_PAT:str
     MODEL_VERSION_ID:str
+
+    MAIL_USERNAME:str
+    MAIL_PASSWORD:str
+    MAIL_FROM:str
     
     class Config:
         env_file = ".env"

TechdocsAPI/backend/core/ExceptionHandlers.py

@@ -13,6 +13,11 @@ async def handle_existing_user_found(request: Request, exec: ExistingUserExcepti
                         content=repr(exec)
                         )
 
+@app.exception_handler(EmailNotVerifiedException)
+async def email_not_verified(request: Request, exec: EmailNotVerifiedException):
+    return JSONResponse(status_code=status.HTTP_403_FORBIDDEN,
+                        content=repr(exec)
+                        )
 
 @app.exception_handler(InvalidCredentialsException)
 async def handle_login_failed(request: Request, exec: InvalidCredentialsException):

TechdocsAPI/backend/core/Exceptions.py

@@ -43,3 +43,15 @@ class InfoNotFoundException(Exception):
 
     def __repr__(self):
         return "exception.InfoNotFoundException()"
+
+
+class EmailNotVerifiedException(Exception):
+    def __init__(self):
+        self.set_statuses()
+        super(EmailNotVerifiedException, self).__init__()
+
+    def set_statuses(self):
+        self.status = 'EmailNotVerifiedException'
+
+    def __repr__(self):
+        return "exception.EmailNotVerifiedException()"

TechdocsAPI/backend/router.py

@@ -1,4 +1,4 @@
-from fastapi import Request, Depends, UploadFile
+from fastapi import Request, Depends, UploadFile, BackgroundTasks
 from fastapi.middleware.cors import CORSMiddleware
 
 from backend import app
@@ -42,12 +42,12 @@ def api_response_check():
     return response_result
 
 @app.post("/auth/signup", summary="Creates new user account", response_model=GeneralResponse, tags=["Auth Server"])
-async def signup(response: UserAuth):
+async def signup(bgtasks : BackgroundTasks, response: UserAuth):
     response_result = GeneralResponse.get_instance(data={},
                                       status="not_allowed",
                                       message=["Not authenticated"]
                                       )
-    ops_signup(response_result, response)
+    await ops_signup(bgtasks, response_result, response)
 
     return response_result
 
@@ -66,3 +66,12 @@ async def inference(generate: Generate, access_token:str=Depends(JWTBearer())):
     user_sub=Auth.get_user_credentials(access_token)
     
     return ops_inference(generate.code_block,generate.api_key,user_sub)
+
+@app.get("/auth/verify/{token}", summary="Verify Email", response_model=GeneralResponse, tags=["Auth Server"])
+async def verify_email(request: Request, token:str):
+    response_result = GeneralResponse.get_instance(data={},
+                                      status="not_allowed",
+                                      message=["Not authenticated"]
+                                      )
+
+    return ops_verify_email(request, response_result,token)

TechdocsAPI/backend/services/auth/ops.py

@@ -4,12 +4,19 @@ from backend.models import *
 from backend.services.db.utils.DBQueries import DBQueries
 from backend.core.Exceptions import *
 from backend.core.ExceptionHandlers import *
+from backend.core.ConfigEnv import config
 from backend import app
 
+from fastapi import HTTPException, BackgroundTasks
+from pydantic import ValidationError
+from jose import jwt
+
+from fastapi_mail import MessageSchema, MessageType
+
 # import openai
 # from transformers import RobertaTokenizer, T5ForConditionalGeneration
 
-def ops_signup(response_result: GeneralResponse, data: UserAuth):
+async def ops_signup(bgtasks: BackgroundTasks, response_result: GeneralResponse, data: UserAuth):
     """Wrapper method to handle signup process.
 
     Args:
@@ -26,12 +33,31 @@ def ops_signup(response_result: GeneralResponse, data: UserAuth):
     if len(list(user)) != 0:
         # user with the entered credentials already exists
         raise ExistingUserException(response_result)
+    verifiction_token = Auth.create_access_token(f"{data.username} {data.email}", secret_name='VERIFICATION')
+    verification_link = f"http://localhost:8000/auth/verify/{verifiction_token}"
+
+    email_body_params = {
+        "username": data.username,
+        "verify_link": verification_link
+    }
+
+    message = MessageSchema(
+        subject="Welcome to Techdocs:[Account Verification]",
+        recipients=[data.email],  # List of recipients, as many as you can pass
+        template_body=email_body_params,
+        subtype=MessageType.html
+    )
+
+    bgtasks.add_task(app.state.mail_client.send_message, message=message, template_name="email_verification.html")
+    # await app.state.mail_client.send_message(message=message, template_name="email_verification.html")
+    
+    DBQueries.insert_to_database('auth', (data.username, Auth.get_password_hash(data.password), "", 0), 
+                                 ['username', 'password', 'email', 'is_verified'])
+    
     
-    DBQueries.insert_to_database('auth', (data.username, Auth.get_password_hash(data.password), data.email), 
-                                 ['username', 'password', 'email'])
     
     response_result.status = 'success'
-    response_result.message = [f'User created successfully']
+    response_result.message = [f'Activate your account by clicking on the link sent to {data.email}.\nMake sure to check your spam folder.']
 
 def ops_login(data:LoginCreds):
     """Wrapper method to handle login process.
@@ -50,7 +76,7 @@ def ops_login(data:LoginCreds):
                                       status="not_allowed",
                                       message=["Not authenticated"]
                                       )
-    user = DBQueries.fetch_data_from_database('auth', ['username', 'password'], f"username='{data.username}'")
+    user = DBQueries.fetch_data_from_database('auth', ['username', 'password', 'is_verified'], f"username='{data.username}'")
     user = list(user)
     if len(user) == 0:
         # user with the entered credentials does not exist
@@ -60,9 +86,12 @@ def ops_login(data:LoginCreds):
         # password is incorrect
         raise InvalidCredentialsException(response_result)
     
+    if not user[2]:
+        raise EmailNotVerifiedException()
+    
     # password is correct
     return TokenSchema(access_token=Auth.create_access_token(data.username), 
-                       refresh_token=Auth.create_refresh_token(data.username),
+                       refresh_token=Auth.create_access_token(data.username, secret_name='REFRESH'),
                        )
 
 def ops_regenerate_api_key(username:str) -> APIKey:
@@ -107,3 +136,33 @@ def ops_inference(source_code:str,api_key:str,username:str):
         return docstring
 
     return generate_docstring(source_code)
+
+
+def ops_verify_email(request: Request, response_result: GeneralResponse, token:str):
+    try:
+        payload = jwt.decode(
+            token, config.JWT_VERIFICATION_SECRET_KEY, algorithms=[config.ALGORITHM]
+        )
+        token_data = TokenPayload(**payload)
+        if datetime.fromtimestamp(token_data.exp)< datetime.now():
+            return app.state.templates.TemplateResponse("verification_failure.html", context={"request": request})
+
+        username, email = token_data.sub.split(' ', maxsplit=1)
+        registered_email = DBQueries.fetch_data_from_database('auth', ['is_verified'], f"username='{username}'")
+        registered_email = list(registered_email)
+        if len(registered_email) == 0:
+            raise InfoNotFoundException(response_result,"User not found")
+        print(registered_email[0][0])
+        if registered_email[0][0]:
+            return app.state.templates.TemplateResponse("verification_failure.html", context={"request": request})
+        
+       
+        DBQueries.update_data_in_database('auth','is_verified',f"username='{username}'", (True,))
+        DBQueries.update_data_in_database('auth','email',f"username='{username}'", email)
+        response_result.status = 'success'
+        response_result.message = [f'Email verified successfully']
+        return app.state.templates.TemplateResponse("verification_success.html", context={"request": request})
+
+    except (jwt.JWTError, ValidationError):
+        return app.state.templates.TemplateResponse("verification_failure.html", context={"request": request})
+    

TechdocsAPI/backend/services/auth/utils/auth_funcs.py

@@ -16,9 +16,11 @@ from backend.core.Exceptions import *
 from backend.models import TokenPayload, TokenSchema
 
 
-
-ACCESS_TOKEN_EXPIRE_MINUTES = 30  # 30 minutes
-REFRESH_TOKEN_EXPIRE_MINUTES = 60 * 24 * 3 # 3 days
+token_expiry_info = {
+'ACCESS_TOKEN_EXPIRE_MINUTES': 30,  # 30 minutes
+'REFRESH_TOKEN_EXPIRE_MINUTES': 60 * 24 * 3, # 3 days
+'VERIFICATION_TOKEN_EXPIRE_MINUTES': 20, # 20 minutes
+}
 
 
 class Auth:
@@ -73,7 +75,7 @@ class Auth:
         return entered_username == db_username
 
     @staticmethod
-    def create_access_token(subject: Union[str, Any], expires_delta: int = None) -> str:
+    def create_access_token(subject: Union[str, Any], expires_delta: int = None, secret_name: str = None) -> str:
         """Creates JWT access token.
 
         Args:
@@ -83,33 +85,20 @@ class Auth:
         Returns:
             encoded_jwt: str. Encoded JWT token from the subject of interest.
         """
-        if expires_delta is not None:
-            expires_delta = datetime.utcnow() + expires_delta
-        else:
-            expires_delta = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
-
-        to_encode = {"exp": expires_delta, "sub": str(subject)}
-        encoded_jwt = jwt.encode(to_encode, config.JWT_SECRET_KEY, config.ALGORITHM)
-        return encoded_jwt
-
-    @staticmethod    
-    def create_refresh_token(subject: Union[str, Any], expires_delta: int = None) -> str:
-        """Creates JWT refresh access token.
-
-        Args:
-            subject: Union[Any, str]. Hash_key to generate access token from.
-            expires_delta: int = None. Expiry time for the JWT.
+        secret_key = config.JWT_SECRET_KEY
+        token_expiration = token_expiry_info['ACCESS_TOKEN_EXPIRE_MINUTES']
+        
+        if secret_name is not None:
+            secret_key = config.dict()["JWT_" + secret_name.upper() + "_SECRET_KEY"]
+            token_expiration = token_expiry_info[secret_name.upper() + "_TOKEN_EXPIRE_MINUTES"]
 
-        Returns:
-            encoded_jwt: str. Encoded JWT token from the subject of interest.
-        """
         if expires_delta is not None:
             expires_delta = datetime.utcnow() + expires_delta
         else:
-            expires_delta = datetime.utcnow() + timedelta(minutes=REFRESH_TOKEN_EXPIRE_MINUTES)
-        
+            expires_delta = datetime.utcnow() + timedelta(minutes=token_expiration)
+
         to_encode = {"exp": expires_delta, "sub": str(subject)}
-        encoded_jwt = jwt.encode(to_encode, config.JWT_REFRESH_SECRET_KEY, config.ALGORITHM)
+        encoded_jwt = jwt.encode(to_encode, secret_key, config.ALGORITHM)
         return encoded_jwt
 
     @staticmethod
@@ -141,9 +130,7 @@ class Auth:
         except (jwt.JWTError, ValidationError):
             raise InvalidCredentialsException(tokens)
         tokens['access_token'] = Auth.create_access_token(token_data.sub)
-        tokens['refresh_token'] = Auth.create_refresh_token(token_data.sub)
-        tokens['status'] = 'login successful'
-        tokens['role'] = token_data.sub.split("_")[1]
+        tokens['refresh_token'] = Auth.create_access_token(token_data.sub, secret_name='REFRESH')
         return tokens
 
     @classmethod

TechdocsAPI/backend/templates/email_verification.html

@@ -0,0 +1,68 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Verify Email</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            background-color: #f4f4f4;
+            margin: 0;
+            padding: 0;
+        }
+
+        .container {
+            width: 80%;
+            margin: 0 auto;
+            padding: 20px;
+            background-color: #fff;
+            border-radius: 8px;
+            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+        }
+
+        h3 {
+            color: #333;
+            text-align: center;
+        }
+
+        p {
+            color: #555;
+            text-align: center;
+            margin-bottom: 20px;
+        }
+
+        a.button {
+            display: block;
+            width: 50%;
+            margin: 20px auto;
+            padding: 12px;
+            border-radius: 5px;
+            text-align: center;
+            text-decoration: none;
+            background-color: #0275d8;
+            color: #fff;
+            font-size: 1rem;
+            transition: background-color 0.3s;
+        }
+
+        a.button:hover {
+            background-color: #025aa5;
+        }
+
+        .disclaimer {
+            color: #777;
+            text-align: center;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h3>Account Verification</h3>
+
+        <p>Hi, {{username}}👋. Thank you for registering with Techdocs. Please click the button below to verify your account:</p>
+
+        <a class="button" href="{{verify_link}}" target="_blank">Verify your email</a>
+
+        <p class="disclaimer">Please disregard this email if you did not register with Techdocs. Thank you.</p>
+    </div>
+</body>
+</html>

TechdocsAPI/backend/templates/verification_failure.html

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+    <title>Techdocs</title>
+</head>
+<body>
+    
+    <div class="container">
+        <div class="row" style="margin-top: 30vh;">
+            <div class="col-md-10 col-sm-10 col-xm-12 m-auto p-4">
+                <div class="card text-center">
+                    <div class="card-header">
+                      Email Verification
+                    </div>
+                    <div class="card-body">
+                      <h5 class="card-title">Already Verified/Link Expired</h5>
+                      <p class="card-text">Something went wrong</p>
+                      <button class="btn btn-secondary"><a href="https://techdocs.streamlit.app" target="_blank" style="color: white; text-decoration: none;">Login</a></button>
+                    </div>
+                  </div>
+            </div>
+        </div>
+    </div>
+
+    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
+</body>
+</html>

TechdocsAPI/backend/templates/verification_success.html

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+    <title>Techdocs</title>
+</head>
+<body>
+    
+    <div class="container">
+        <div class="row" style="margin-top: 30vh;">
+            <div class="col-md-10 col-sm-10 col-xm-12 m-auto p-4">
+                <div class="card text-center">
+                    <div class="card-header">
+                      Email Verification
+                    </div>
+                    <div class="card-body">
+                      <h5 class="card-title">Email Verification Successful</h5>
+                      <p class="card-text">You can now login into you account or use or services</p>
+                      <button class="btn btn-primary"><a href="https://techdocs.streamlit.app" target="_blank" style="color: white; text-decoration: none;">Login</a></button>
+                    </div>
+                  </div>
+            </div>
+        </div>
+    </div>
+
+    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
+</body>
+</html>

TechdocsAPI/requirements.txt

@@ -9,3 +9,4 @@ pydantic[email]
 langchain
 clarifai
 Pillow
+fastapi_mail==1.3.1

scripts/test.py

@@ -31,19 +31,20 @@ else:
     cursor.execute("DROP TABLE IF EXISTS auth")
     cursor.execute("CREATE TABLE IF NOT EXISTS auth(username VARCHAR(15) PRIMARY KEY, password TEXT, email VARCHAR(50))")
     cursor.execute("CREATE TABLE IF NOT EXISTS api_key(username VARCHAR(15),apikey TEXT, FOREIGN KEY (username) REFERENCES auth(username))")
+    cursor.execute("ALTER TABLE auth ADD is_verified BOOLEAN NOT NULL DEFAULT(false)")
 
-    QUERY = ('INSERT INTO {coll_name} '
-                    '(username, password, email) '
-                    'VALUES '
-                    '(%s, %s, %s)').format(coll_name="auth")
+    # QUERY = ('INSERT INTO {coll_name} '
+    #                 '(username, password, email) '
+    #                 'VALUES '
+    #                 '(%s, %s, %s)').format(coll_name="auth")
 
-    testlist=[("test2","test2","[email protected]"),("test1","test1","[email protected]")]
-    cursor.executemany(QUERY, testlist)
+    # testlist=[("test2","test2","[email protected]"),("test1","test1","[email protected]")]
+    # cursor.executemany(QUERY, testlist)
 
-    QUERY = ('SELECT {cols} FROM {table_name} WHERE email="[email protected]"').format(cols="*", table_name="auth")
-    cursor.execute(QUERY)
-    for i in cursor.fetchall():
-        print(i)
+    # QUERY = ('SELECT {cols} FROM {table_name} WHERE email="[email protected]"').format(cols="*", table_name="auth")
+    # cursor.execute(QUERY)
+    # for i in cursor.fetchall():
+    #     print(i)