Merge pull request #78 from Promptly-Technologies-LLC/14-move-update-email-to-its-own-section-of-the-profile-page-and-require-email-confirmation

Email address update confirmation flow

Author: chriscarrollsmith

main.py

@@ -33,7 +33,7 @@ async def lifespan(app: FastAPI):
     # Optional shutdown logic
 
 
-app = FastAPI(lifespan=lifespan)
+app: FastAPI = FastAPI(lifespan=lifespan)
 
 # Mount static files (e.g., CSS, JS)
 app.mount("/static", StaticFiles(directory="static"), name="static")
@@ -169,10 +169,12 @@ async def read_home(
 
 @app.get("/login")
 async def read_login(
-    params: dict = Depends(common_unauthenticated_parameters)
+    params: dict = Depends(common_unauthenticated_parameters),
+    email_updated: Optional[str] = "false"
 ):
     if params["user"]:
         return RedirectResponse(url="/dashboard", status_code=302)
+    params["email_updated"] = email_updated
     return templates.TemplateResponse(params["request"], "authentication/login.html", params)
 
 
@@ -256,14 +258,18 @@ async def read_dashboard(
 
 @app.get("/profile")
 async def read_profile(
-    params: dict = Depends(common_authenticated_parameters)
+    params: dict = Depends(common_authenticated_parameters),
+    email_update_requested: Optional[str] = "false",
+    email_updated: Optional[str] = "false"
 ):
     # Add image constraints to the template context
     params.update({
         "max_file_size_mb": MAX_FILE_SIZE / (1024 * 1024),  # Convert bytes to MB
         "min_dimension": MIN_DIMENSION,
         "max_dimension": MAX_DIMENSION,
-        "allowed_formats": list(ALLOWED_CONTENT_TYPES.keys())
+        "allowed_formats": list(ALLOWED_CONTENT_TYPES.keys()),
+        "email_update_requested": email_update_requested,
+        "email_updated": email_updated
     })
     return templates.TemplateResponse(params["request"], "users/profile.html", params)
 

routers/authentication.py

@@ -6,7 +6,7 @@
 from fastapi.responses import RedirectResponse
 from pydantic import BaseModel, EmailStr, ConfigDict
 from sqlmodel import Session, select
-from utils.models import User, UserPassword
+from utils.models import User, UserPassword, DataIntegrityError
 from utils.auth import (
     get_session,
     get_user_from_reset_token,
@@ -18,13 +18,50 @@
     create_access_token,
     create_refresh_token,
     validate_token,
-    send_reset_email
+    send_reset_email,
+    send_email_update_confirmation,
+    get_user_from_email_update_token,
+    get_authenticated_user
 )
 
 logger = getLogger("uvicorn.error")
 
 router = APIRouter(prefix="/auth", tags=["auth"])
 
+# --- Custom Exceptions ---
+
+
+class EmailAlreadyRegisteredError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=409,
+            detail="This email is already registered"
+        )
+
+
+class InvalidCredentialsError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=401,
+            detail="Invalid credentials"
+        )
+
+
+class InvalidResetTokenError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=401,
+            detail="Invalid or expired password reset token; please request a new one"
+        )
+
+
+class InvalidEmailUpdateTokenError(HTTPException):
+    def __init__(self):
+        super().__init__(
+            status_code=401,
+            detail="Invalid or expired email update token; please request a new one"
+        )
+
 
 # --- Server Request and Response Models ---
 
@@ -102,6 +139,17 @@ async def as_form(
                    new_password=new_password, confirm_new_password=confirm_new_password)
 
 
+class UpdateEmail(BaseModel):
+    new_email: EmailStr
+
+    @classmethod
+    async def as_form(
+        cls,
+        new_email: EmailStr = Form(...)
+    ):
+        return cls(new_email=new_email)
+
+
 # --- DB Request and Response Models ---
 
 
@@ -130,7 +178,7 @@ async def register(
         User.email == user.email)).first()
 
     if db_user:
-        raise HTTPException(status_code=400, detail="Email already registered")
+        raise EmailAlreadyRegisteredError()
 
     # Hash the password
     hashed_password = get_password_hash(user.password)
@@ -147,9 +195,20 @@ async def register(
     refresh_token = create_refresh_token(data={"sub": db_user.email})
     # Set cookie
     response = RedirectResponse(url="/", status_code=303)
-    response.set_cookie(key="access_token", value=access_token, httponly=True)
-    response.set_cookie(key="refresh_token",
-                        value=refresh_token, httponly=True)
+    response.set_cookie(
+        key="access_token",
+        value=access_token,
+        httponly=True,
+        secure=True,
+        samesite="strict"
+    )
+    response.set_cookie(
+        key="refresh_token",
+        value=refresh_token,
+        httponly=True,
+        secure=True,
+        samesite="strict"
+    )
 
     return response
 
@@ -164,7 +223,7 @@ async def login(
         User.email == user.email)).first()
 
     if not db_user or not db_user.password or not verify_password(user.password, db_user.password.hashed_password):
-        raise HTTPException(status_code=400, detail="Invalid credentials")
+        raise InvalidCredentialsError()
 
     # Create access token
     access_token = create_access_token(
@@ -262,7 +321,7 @@ async def reset_password(
         user.email, user.token, session)
 
     if not authorized_user or not reset_token:
-        raise HTTPException(status_code=400, detail="Invalid or expired token")
+        raise InvalidResetTokenError()
 
     # Update password and mark token as used
     if authorized_user.password:
@@ -289,3 +348,81 @@ def logout():
     response.delete_cookie("access_token")
     response.delete_cookie("refresh_token")
     return response
+
+
+@router.post("/update_email")
+async def request_email_update(
+    update: UpdateEmail = Depends(UpdateEmail.as_form),
+    user: User = Depends(get_authenticated_user),
+    session: Session = Depends(get_session)
+):
+    # Check if the new email is already registered
+    existing_user = session.exec(
+        select(User).where(User.email == update.new_email)
+    ).first()
+
+    if existing_user:
+        raise EmailAlreadyRegisteredError()
+
+    if not user.id:
+        raise DataIntegrityError(resource="User id")
+
+    # Send confirmation email
+    send_email_update_confirmation(
+        current_email=user.email,
+        new_email=update.new_email,
+        user_id=user.id,
+        session=session
+    )
+
+    return RedirectResponse(
+        url="/profile?email_update_requested=true",
+        status_code=303
+    )
+
+
+@router.get("/confirm_email_update")
+async def confirm_email_update(
+    user_id: int,
+    token: str,
+    new_email: str,
+    session: Session = Depends(get_session)
+):
+    user, update_token = get_user_from_email_update_token(
+        user_id, token, session
+    )
+
+    if not user or not update_token:
+        raise InvalidResetTokenError()
+
+    # Update email and mark token as used
+    user.email = new_email
+    update_token.used = True
+    session.commit()
+
+    # Create new tokens with the updated email
+    access_token = create_access_token(data={"sub": new_email, "fresh": True})
+    refresh_token = create_refresh_token(data={"sub": new_email})
+
+    # Set cookies before redirecting
+    response = RedirectResponse(
+        url="/profile?email_updated=true",
+        status_code=303
+    )
+
+    # Add secure cookie attributes
+    response.set_cookie(
+        key="access_token",
+        value=access_token,
+        httponly=True,
+        secure=True,
+        samesite="lax"
+    )
+    response.set_cookie(
+        key="refresh_token",
+        value=refresh_token,
+        httponly=True,
+        secure=True,
+        samesite="lax"
+    )
+    return response

routers/organization.py

@@ -10,6 +10,8 @@
 
 logger = getLogger("uvicorn.error")
 
+router = APIRouter(prefix="/organizations", tags=["organizations"])
+
 # --- Custom Exceptions ---
 
 
@@ -37,9 +39,6 @@ def __init__(self):
         )
 
 
-router = APIRouter(prefix="/organizations", tags=["organizations"])
-
-
 # --- Server Request and Response Models ---
 
 

routers/user.py

@@ -16,15 +16,13 @@
 class UpdateProfile(BaseModel):
     """Request model for updating user profile information"""
     name: str
-    email: EmailStr
     avatar_file: Optional[bytes] = None
     avatar_content_type: Optional[str] = None
 
     @classmethod
     async def as_form(
         cls,
         name: str = Form(...),
-        email: EmailStr = Form(...),
         avatar_file: Optional[UploadFile] = File(None),
     ):
         avatar_data = None
@@ -36,7 +34,6 @@ async def as_form(
 
         return cls(
             name=name,
-            email=email,
             avatar_file=avatar_data,
             avatar_content_type=avatar_content_type
         )
@@ -73,7 +70,6 @@ async def update_profile(
 
     # Update user details
     user.name = user_profile.name
-    user.email = user_profile.email
 
     if user_profile.avatar_file:
         user.avatar_data = user_profile.avatar_file

templates/emails/update_email_email.html

@@ -0,0 +1,12 @@
+{% extends "emails/base_email.html" %}
+
+{% block email_title %}Email Update Request{% endblock %}
+
+{% block email_content %}
+    <h1>Confirm Your New Email Address</h1>
+    <p>You have requested to change your email address from {{ current_email }} to {{ new_email }}.</p>
+    <p>Click the link below to confirm this change:</p>
+    <p><a href="{{ confirmation_url }}">Confirm Email Update</a></p>
+    <p>If you did not request this change, please ignore this email.</p>
+    <p>This link will expire in 1 hour.</p>
+{% endblock %}

templates/users/profile.html

@@ -8,6 +8,18 @@
 <div class="container mt-5">
     <h1 class="mb-4">User Profile</h1>
 
+    {% if email_update_requested == "true" %}
+    <div class="alert alert-info" role="alert">
+        Please check your current email address for a confirmation link to complete the email update.
+    </div>
+    {% endif %}
+
+    {% if email_updated == "true" %}
+    <div class="alert alert-success" role="alert">
+        Your email address has been successfully updated.
+    </div>
+    {% endif %}
+
     <!-- Basic Information -->
     <div class="card mb-4" id="basic-info">
         <div class="card-header">
@@ -40,10 +52,6 @@ <h1 class="mb-4">User Profile</h1>
                     <label for="name" class="form-label">Name</label>
                     <input type="text" class="form-control" id="name" name="name" value="{{ user.name }}">
                 </div>
-                <div class="mb-3">
-                    <label for="email" class="form-label">Email</label>
-                    <input type="email" class="form-control" id="email" name="email" value="{{ user.email }}">
-                </div>
                 <div class="mb-3">
                     <label for="avatar_file" class="form-label">Avatar</label>
                     <input type="file" class="form-control" id="avatar_file" name="avatar_file" accept="image/*">
@@ -62,13 +70,29 @@ <h1 class="mb-4">User Profile</h1>
         </div>
     </div>
 
+    <!-- New Email Update Section -->
+    <div class="card mb-4">
+        <div class="card-header">
+            Update Email
+        </div>
+        <div class="card-body">
+            <form action="{{ url_for('request_email_update') }}" method="post">
+                <div class="mb-3">
+                    <label for="new_email" class="form-label">New Email Address</label>
+                    <input type="email" class="form-control" id="new_email" name="new_email" value="{{ user.email }}">
+                </div>
+                <p class="form-text">A confirmation link will be sent to your new email address to verify the change.</p>
+                <button type="submit" class="btn btn-primary">Update Email</button>
+            </form>
+        </div>
+    </div>
+
     <!-- Change Password -->
     <div class="card mb-4">
         <div class="card-header">
             Change Password
         </div>
         <div class="card-body">
-            <!-- TODO: Trigger password reset via email confirmation -->
             <form action="{{ url_for('forgot_password') }}" method="post">
                 <input type="hidden" name="email" value="{{ user.email }}">
                 <p>To change your password, please confirm your email. A password reset link will be sent to your email address.</p>
@@ -90,7 +114,7 @@ <h1 class="mb-4">User Profile</h1>
                 <p class="text-danger">This action cannot be undone. Please confirm your password to delete your account.</p>
                 <div class="mb-3">
                     <label for="confirm_delete_password" class="form-label">Password</label>
-                    <input type="password" class="form-control" id="confirm_delete_password" name="confirm_delete_password">
+                    <input type="password" class="form-control" id="confirm_delete_password" name="confirm_delete_password" autocomplete="off">
                 </div>
                 <button type="submit" class="btn btn-danger">Delete Account</button>
             </form>