mirror of
https://github.com/minetest/contentdb.git
synced 2024-11-08 16:43:47 +01:00
Add 12 hour expiry to email verification tokens
This commit is contained in:
parent
3b5c9950de
commit
0486eb76c0
@ -311,11 +311,19 @@ def set_password():
|
|||||||
@bp.route("/user/verify/")
|
@bp.route("/user/verify/")
|
||||||
def verify_email():
|
def verify_email():
|
||||||
token = request.args.get("token")
|
token = request.args.get("token")
|
||||||
ver : UserEmailVerification = UserEmailVerification.query.filter_by(token=token).first()
|
ver: UserEmailVerification = UserEmailVerification.query.filter_by(token=token).first()
|
||||||
if ver is None:
|
if ver is None:
|
||||||
flash("Unknown verification token!", "danger")
|
flash("Unknown verification token!", "danger")
|
||||||
return redirect(url_for("homepage.home"))
|
return redirect(url_for("homepage.home"))
|
||||||
|
|
||||||
|
delta = (datetime.datetime.now() - ver.created_at)
|
||||||
|
delta: datetime.timedelta
|
||||||
|
if delta.total_seconds() > 12*60*60:
|
||||||
|
flash("Token has expired", "danger")
|
||||||
|
db.session.delete(ver)
|
||||||
|
db.session.commit()
|
||||||
|
return redirect(url_for("homepage.home"))
|
||||||
|
|
||||||
user = ver.user
|
user = ver.user
|
||||||
|
|
||||||
addAuditLog(AuditSeverity.USER, user, "Confirmed their email",
|
addAuditLog(AuditSeverity.USER, user, "Confirmed their email",
|
||||||
|
@ -4,4 +4,6 @@ toc: False
|
|||||||
We've sent an email to the address you specified.
|
We've sent an email to the address you specified.
|
||||||
You'll need to click the link in the email to confirm it
|
You'll need to click the link in the email to confirm it
|
||||||
|
|
||||||
|
**The link will expire in 12 hours**
|
||||||
|
|
||||||
<a class="btn btn-secondary" href="/help/faq/#my-verification-email-never-arrived">My email never arrived</a>
|
<a class="btn btn-secondary" href="/help/faq/#my-verification-email-never-arrived">My email never arrived</a>
|
Loading…
Reference in New Issue
Block a user