cutt/cutt/mail.py

from email.message import EmailMessage
from email.utils import formataddr
from random import random
import smtplib
import os
import ssl
from time import sleep
from dotenv import load_dotenv
from fastapi.responses import PlainTextResponse
from pydantic import BaseModel
from sqlmodel import Session, select
from cutt.db import Player, TokenDB, engine
from cutt.security import set_password_token

P = Player

load_dotenv()


def generate_password_link(user: Player):
    with Session(engine) as session:
        token = set_password_token(user)
        if token:
            session.add(TokenDB(token=token))
        session.commit()
        return f"https://cutt.0124816.xyz/setpassword?token={token}"


class EmailRequest(BaseModel):
    email: str


def send_forgotten_password_link(email: EmailRequest):
    with Session(engine) as session:
        user = session.exec(
            select(P).where(P.email == email.email, P.disabled != True)
        ).one_or_none()
        if user and user.email:
            link = generate_password_link(user)
            msg = EmailMessage()
            msg["Subject"] = "CUTT - reset password"
            msg["From"] = "CUTT - cool ultimate team tool <cutt@0124816.xyz>"
            msg["To"] = formataddr((user.display_name, user.email))
            msg.set_content(
                f"Hello {user.display_name},\nclick on the following link to set yourself a new password.\n\n{link}\n\nCheers,\nJulius"
            )
            with open("cutt/forgotten_password.html") as f:
                html_body = (
                    f.read().replace("USER", user.display_name).replace("LINK", link)
                )
            msg.add_alternative(html_body, subtype="html")
            context = ssl.create_default_context()
            with smtplib.SMTP(
                host=os.environ["SMTP_HOST"],
                port=int(os.environ["SMTP_PORT"]),
                timeout=20,
            ) as server:
                server.starttls(context=context)
                server.login(os.environ["SMTP_USER"], os.environ["SMTP_PASS"])
                server.send_message(msg)
        else:
            sleep(random())

    return PlainTextResponse(
        "a link will be sent to this email, if it belongs to an existing user."
    )