def verify(enc_email: str, secret: str, app_id: str) -> Optional[str]:
email = config.FERNET.decrypt(unquote(enc_email).encode("utf-8")).decode("utf-8")
secret_hash = MAGIC_STORE.get(f"{app_id}:magic:{email}")
if PWD_CONTEXT.verify(secret, secret_hash):
MAGIC_STORE.expire(f"{app_id}:magic:{email}", datetime.timedelta(seconds=1))
return email
return None
async def verify_refresh_token(token: str, client_app: ClientApp) -> str:
_, claims = _check_token(token, client_app.get_refresh_key(),
client_app.app_id)
found_rt = await _find_refresh_token(claims, client_app)
if found_rt.expires <= datetime.datetime.now():
await found_rt.delete()
raise TokenVerificationError("Expired Token. Please log in again.")
if PWD_CONTEXT.verify(token, found_rt.hash):
return generate(claims["sub"], client_app)
raise TokenVerificationError("Could not find matching refresh token")
def verify_dp_code(user: User, delete_id: str, code: str) -> bool:
"""
Verify a deletion protection code against the hash stored in redis.
:param user: the user requesting the code
:param delete_id: the app_id of the app to delete or "account" if they are deleting
their account.
:param code:
:return: True if the code is valid, false otherwise
"""
code_hash = DP_CODE_STORE.get(f"{user.email}:{delete_id}")
if PWD_CONTEXT.verify(code, code_hash):
DP_CODE_STORE.expire(f"{user.email}:{delete_id}",
datetime.timedelta(seconds=1))
return True
return False
def verify(email: str, code: str, app_id: str) -> bool:
code_hash = OTP_STORE.get(f"{app_id}:otp:{email}")
if PWD_CONTEXT.verify(code, code_hash):
OTP_STORE.expire(f"{app_id}:otp:{email}", datetime.timedelta(seconds=1))
return True
return False