✨ Create endpoint to show password recovery email content and update email template (#664)

2024-03-10 00:53:46 +01:00
parent 449889b994
commit f5ccd4a59c
5 changed files with 41 additions and 15 deletions
--- a/backend/app/api/routes/login.py
+++ b/backend/app/api/routes/login.py
@@ -2,10 +2,11 @@ from datetime import timedelta
 from typing import Annotated, Any

 from fastapi import APIRouter, Depends, HTTPException
+from fastapi.responses import HTMLResponse
 from fastapi.security import OAuth2PasswordRequestForm

 from app import crud
-from app.api.deps import CurrentUser, SessionDep
+from app.api.deps import CurrentUser, SessionDep, get_current_active_superuser
 from app.core import security
 from app.core.config import settings
 from app.core.security import get_password_hash
@@ -79,10 +80,10 @@ def reset_password(session: SessionDep, body: NewPassword) -> Message:
    """
    Reset password
    """
-    user_id = verify_password_reset_token(token=body.token)
-    if not user_id:
+    email = verify_password_reset_token(token=body.token)
+    if not email:
        raise HTTPException(status_code=400, detail="Invalid token")
-    user = session.get(User, int(user_id))
+    user = crud.get_user_by_email(session=session, email=email)
    if not user:
        raise HTTPException(
            status_code=404,
@@ -95,3 +96,29 @@ def reset_password(session: SessionDep, body: NewPassword) -> Message:
    session.add(user)
    session.commit()
    return Message(message="Password updated successfully")
+
+
+@router.post(
+    "/password-recovery-html-content/{email}",
+    dependencies=[Depends(get_current_active_superuser)],
+    response_class=HTMLResponse,
+)
+def recover_password_html_content(email: str, session: SessionDep) -> Any:
+    """
+    HTML Content for Password Recovery
+    """
+    user = crud.get_user_by_email(session=session, email=email)
+
+    if not user:
+        raise HTTPException(
+            status_code=404,
+            detail="The user with this username does not exist in the system.",
+        )
+    password_reset_token = generate_password_reset_token(email=email)
+    email_data = generate_reset_password_email(
+        email_to=user.email, email=email, token=password_reset_token
+    )
+
+    return HTMLResponse(
+        content=email_data.html_content, headers={"subject:": email_data.subject}
+    )