| """ |
| Security utilities module. |
| """ |
|
|
| from fastapi import HTTPException |
| from jinja2 import Environment, FileSystemLoader, select_autoescape |
|
|
| from cbh.api.account.dto import RegistrationType |
| from cbh.api.account.models import AccountModel |
| from cbh.core.config import settings |
|
|
|
|
| def check_account_to_reset(account_obj: AccountModel, account: AccountModel | None = None) -> None: |
| """ |
| Check if the account can be reset. |
| """ |
| if not account and account_obj.registrationType != RegistrationType.ORGANIC: |
| raise HTTPException( |
| status_code=422, |
| detail="Please sign in with social providers", |
| ) |
| elif account and account_obj.registrationType != RegistrationType.ORGANIC: |
| raise HTTPException( |
| status_code=422, |
| detail="Password reset is not available for social login accounts", |
| ) |
|
|
|
|
| async def send_password_reset_email( |
| code: str, account_obj: AccountModel |
| ) -> None: |
| """ |
| Send a password reset email. |
| """ |
| templates_path = settings.BASE_DIR / "cbh" / "templates" / "emails" |
| env = Environment( |
| loader=FileSystemLoader(templates_path), |
| autoescape=select_autoescape(["html", "xml"]), |
| ) |
| template = env.get_template("resetPassword.html") |
|
|
| template_content = template.render( |
| link=f"{settings.Audience}/change-password?code={code}", |
| audience_link=settings.Audience, |
| ) |
| await settings.EMAIL_CLIENT.send_email( |
| account_obj.email, |
| "You requested a password reset in Arena", |
| template_content, |
| ) |
|
|
