converter

2025-10-30 01:58:28 +01:00
parent dd9d076bd2
commit 8dd4f6e731
23 changed files with 1142 additions and 1286 deletions
--- a/backend/account/models.py
+++ b/backend/account/models.py
@@ -1,8 +1,9 @@
 import uuid
 from django.db import models
 from django.contrib.auth.models import AbstractUser, UserManager, Group, Permission
-from django.core.validators import RegexValidator, MinLengthValidator, MaxValueValidator, MinValueValidator
+from django.core.validators import RegexValidator

+from django.utils.crypto import get_random_string 
 from django.conf import settings
 from django.db import models
 from django.utils import timezone
@@ -61,6 +62,10 @@ class CustomUser(SoftDeleteModel, AbstractUser):
    email_verified = models.BooleanField(default=False)
    email = models.EmailField(unique=True, db_index=True)

+    # + fields for email verification flow
+    email_verification_token = models.CharField(max_length=128, null=True, blank=True, db_index=True)
+    email_verification_sent_at = models.DateTimeField(null=True, blank=True)
+
    gdpr = models.BooleanField(default=False)
    is_active = models.BooleanField(default=False)

@@ -124,5 +129,32 @@ class CustomUser(SoftDeleteModel, AbstractUser):
            self.groups.set([group])

        return super().save(*args, **kwargs)
+    
+    def generate_email_verification_token(self, length: int = 48, save: bool = True) -> str:
+        token = get_random_string(length=length)
+        self.email_verification_token = token
+        self.email_verification_sent_at = timezone.now()
+        if save:
+            self.save(update_fields=["email_verification_token", "email_verification_sent_at"])
+        return token

+    def verify_email_token(self, token: str, max_age_hours: int = 48, save: bool = True) -> bool:
+        if not token or not self.email_verification_token:
+            return False
+        # optional expiry check
+        if self.email_verification_sent_at:
+            age = timezone.now() - self.email_verification_sent_at
+            if age > timedelta(hours=max_age_hours):
+                return False
+        if token != self.email_verification_token:
+            return False
+
+        if not self.email_verified:
+            self.email_verified = True
+        # clear token after success
+        self.email_verification_token = None
+        self.email_verification_sent_at = None
+        if save:
+            self.save(update_fields=["email_verified", "email_verification_token", "email_verification_sent_at"])
+        return True