diff --git a/app/auth/email.py b/app/auth/email.py index bdb1d7d..e4a765c 100644 --- a/app/auth/email.py +++ b/app/auth/email.py @@ -9,11 +9,11 @@ def generate_otp(user): # which stores all digits digits = "0123456789" otp = "" - # length of password can be changed # by changing value in range for i in range(4): otp += digits[math.floor(random.random() * 10)] + user.otp = otp return otp def send_otp_email(user): diff --git a/app/auth/forms.py b/app/auth/forms.py index f851b79..9a1af02 100644 --- a/app/auth/forms.py +++ b/app/auth/forms.py @@ -11,7 +11,8 @@ class LoginForm(FlaskForm): submit = SubmitField(_l('Sign In')) class OTPForm(FlaskForm): - OTP = StringField(_l('One Time Passcode'), validators=[DataRequired()]) ###EqualTo(otp) + username = StringField(_l('Username'), validators=[DataRequired()]) + OTP = StringField(_l('OTP'), validators=[DataRequired()]) ###EqualTo(otp) submit = SubmitField(_l('Log in') ) class RegistrationForm(FlaskForm): diff --git a/app/auth/routes.py b/app/auth/routes.py index 6c83fb7..84f280f 100644 --- a/app/auth/routes.py +++ b/app/auth/routes.py @@ -5,7 +5,7 @@ from flask_babel import _ from app import db from app.auth import bp from app.auth.forms import LoginForm, RegistrationForm, \ - ResetPasswordRequestForm, ResetPasswordForm + ResetPasswordRequestForm, ResetPasswordForm, OTPForm from app.models import User from app.auth.email import send_password_reset_email 
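Review bot: The value persisted by the added `user.otp = otp` is a four-digit code drawn from `random.random()`, which is not a cryptographic generator, so the stored credential is predictable in principle and has only 10,000 possible values. Draw it from the `secrets` module instead, e.g. `otp = "".join(secrets.choice(digits) for _ in range(6))` (needs `import secrets`; the length of six is a suggestion). The assignment also keeps the code in clear with no expiry or attempt counter next to it. The `app/models.py` hunk in this commit adds no `otp` column, so unless one already exists the value will not survive to the verifying request; confirm the column and a `db.session.commit()`. `generate_otp` starts above this hunk.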
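Review bot: The added `username` field makes the OTP step take the account identity from the client, so nothing visible here ties the code check to the user who passed the password step. If `login()` (its body is not shown in this diff) already knows the user, carry that identity server-side in the session and drop the field. The `OTP` field also accepts any non-empty string; adding `Length(min=4, max=4)` from `wtforms.validators` would reject malformed input before it reaches the comparison. The leftover `###EqualTo(otp)` comment should be removed, since `EqualTo` compares two form fields rather than a stored value.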
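Review bot: `send_otp_email` is called by the new `otp_login` body, but this import block only brings in `send_password_reset_email` from `app.auth.email`, so the first request that finds a user would raise NameError unless the name is imported on a line outside this hunk. Change the last import to `from app.auth.email import send_password_reset_email, send_otp_email`.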
@@ -27,8 +27,15 @@ def login(): @bp.route('/otp', methods=['GET', 'POST']) def otp_login(): form = OTPForm() - if OTP != user.curr_otp : - flash(_('Invalid OTP')) + user = User.query.filter_by(username=form.username.data).first() + otp = form.OTP.data + if user: + send_otp_email(user) + flash(_('Check your email for your OTP')) + return redirect(url_for('auth.otp_login')) + if otp != user.otp: + flash(_('Invalid OTP')) + return redirect(url_for('auth.otp_login')) if form.validate_on_submit(): return redirect(url_for('main.index')) return render_template('auth/otp_login.html', title=_('Enter OTP'), diff --git a/app/models.py b/app/models.py index c725823..3a9dcae 100644 --- a/app/models.py +++ b/app/models.py @@ -88,7 +88,6 @@ followers = db.Table( db.Column('followed_id', db.Integer, db.ForeignKey('user.id')) ) - class User(UserMixin, PaginatedAPIMixin, db.Model): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(64), index=True, unique=True)
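Review bot: The new body of `otp_login` can never verify a code: for any existing username it sends a fresh OTP and redirects, and when no user is found (including a plain GET, where `form.username.data` is empty) it falls through to `user.otp` on `None` and raises AttributeError. Because this runs before `form.validate_on_submit()`, an unauthenticated request naming a user triggers an email, and the different outcomes reveal which usernames exist. Verification should happen only inside `validate_on_submit()`, with one message for unknown user and wrong code, a constant-time comparison (`hmac.compare_digest`, needs `import hmac`) and the code cleared after use. Sending belongs in the step that checked the password, presumably `login()`, which is outside this hunk. A four-digit code also needs an expiry and an attempt limit, neither of which is visible here, and the `render_template` call continues past the hunk.

```python
def otp_login():
    form = OTPForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        # A missing user or an unset OTP must fail exactly like a wrong code.
        stored = user.otp if user is not None else None
        submitted = form.OTP.data
        if not stored or not hmac.compare_digest(stored.encode(),
                                                 submitted.encode()):
            flash(_('Invalid OTP'))
            return redirect(url_for('auth.otp_login'))
        user.otp = None  # single use: a verified code cannot be replayed
        db.session.commit()
        return redirect(url_for('main.index'))
    # … unchanged: render_template('auth/otp_login.html', …) …
```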