admin/DoC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6d87a32bc41fc690653920b8c400218930eea527
DoC/backend/api/utils/email_verification.py
T
Mireya Cueto Garrido 0a31748407 email verification update
2026-05-15 09:39:41 +02:00

46 lines
1.3 KiB
Python
Raw Blame History

import hashlib
import hmac
import os
import secrets
from datetime import datetime, timedelta
EMAIL_VERIFICATION_CODE_TTL_MINUTES = int(
os.getenv("EMAIL_VERIFICATION_CODE_TTL_MINUTES", "15")
)
MAX_EMAIL_VERIFICATION_ATTEMPTS = int(
os.getenv("EMAIL_VERIFICATION_MAX_ATTEMPTS", "5")
)
def generate_verification_code() -> str:
return f"{secrets.randbelow(1_000_000):06d}"
def get_verification_code_expiration() -> datetime:
return datetime.utcnow() + timedelta(minutes=EMAIL_VERIFICATION_CODE_TTL_MINUTES)
def _verification_secret() -> bytes:
secret = (
os.getenv("EMAIL_VERIFICATION_SECRET")
or os.getenv("SECRET_KEY")
or "development-email-verification-secret"
)
return secret.encode("utf-8")
def hash_verification_code(email: str, code: str) -> str:
normalized_email = email.strip().lower()
payload = f"{normalized_email}:{code}".encode("utf-8")
return hmac.new(_verification_secret(), payload, hashlib.sha256).hexdigest()
def verify_verification_code(email: str, code: str, code_hash: str) -> bool:
expected_hash = hash_verification_code(email, code)
return hmac.compare_digest(expected_hash, code_hash)
def is_verification_code_expired(expires_at: datetime) -> bool:
return expires_at < datetime.utcnow()
Reference in New Issue View Git Blame Copy Permalink