async def send_magic(email, next_location, location):
magic_link = security.generate_magic_link(email, next_location, location)
await send_email(
email,
"Your magic sign in link",
f"Click this link to sign in\n{magic_link}",
from_address,
from_name,
)
async def request_magic(data: models.AuthRequest = Body(...)):
user = await crud.get_user_by_email(data.email)
if not user:
raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
detail="No user with that email.")
magic_link = security.generate_magic_link(data.email)
await send_email(
data.email,
"Your magic sign in link",
f"Click this link to sign in\n{magic_link}",
)
return "Please check your email for your sign in link."
def test_confirm_magic_wrong_secret_fails(
test_client: TestClient, user1: dict, monkeypatch: MonkeyPatch, async_db
):
monkeypatch.setattr("app.auth.crud.db", async_db)
magic_url = security.generate_magic_link(user1["email"])
url_secret = magic_url.split("=")[-1]
response = test_client.post(
"/auth/confirm-magic", json={"email": user1["email"], "secret": "123456789"}
)
assert response.status_code == 400
assert response.cookies.get("token") is None