Gracefully handle error when user login code is expired

sabaimran 2024-12-16 16:47:54 -08:00
parent 064f7e48ca
commit efb0b9f495
3 changed files with 12 additions and 5 deletions


@ -261,6 +261,8 @@ function EmailSignInContext({
} else if (res.status === 429) { } else if (res.status === 429) {
setOTPError("Too many failed attempts. Please try again tomorrow."); setOTPError("Too many failed attempts. Please try again tomorrow.");
setNumFailures(ALLOWED_OTP_ATTEMPTS); setNumFailures(ALLOWED_OTP_ATTEMPTS);
} else if (res.status === 403) {
setOTPError("OTP expired. Please request a new one.");
} else { } else {
throw new Error("Failed to verify OTP"); throw new Error("Failed to verify OTP");
} }
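Review bot: The new `res.status === 403` branch treats every 403 as an expired code, but a 403 can also come from layers in front of the endpoint (a CSRF or proxy rejection, for example). In that case the user would be told to request a new OTP for the wrong reason. If the API can return a short reason in the response body, checking it here would keep the message accurate. Otherwise a comment such as `// 403 is returned by the verification endpoint only when the code has expired` records the assumption. The enclosing handler starts and ends outside this hunk.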


@ -269,19 +269,19 @@ async def astart_trial_subscription(user: KhojUser) -> Subscription:
return subscription return subscription
async def aget_user_validated_by_email_verification_code(code: str, email: str) -> KhojUser: async def aget_user_validated_by_email_verification_code(code: str, email: str) -> tuple[Optional[KhojUser], bool]:
user = await KhojUser.objects.filter(email_verification_code=code, email=email).afirst() user = await KhojUser.objects.filter(email_verification_code=code, email=email).afirst()
if not user: if not user:
return None return None, False
if user.email_verification_code_expiry < datetime.now(tz=timezone.utc): if user.email_verification_code_expiry < datetime.now(tz=timezone.utc):
return None return None, True
user.email_verification_code = None user.email_verification_code = None
user.verified_email = True user.verified_email = True
await user.asave() await user.asave()
return user return user, False
async def create_user_by_google_token(token: dict) -> KhojUser: async def create_user_by_google_token(token: dict) -> KhojUser:
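Review bot: Changing the return value of `aget_user_validated_by_email_verification_code` from a `KhojUser` to a `(user, expired)` tuple is unsafe for any caller this commit does not update. A two-element tuple is always truthy, so an old-style `user = await aget_user_validated_by_email_verification_code(code, email)` followed by `if user:` would accept a wrong or expired code as a successful verification. Only one call site is visible on this page, so the rest of the repository should be searched before merging. A docstring listing the three outcomes, `(None, False)` for no match, `(None, True)` for an expired code and `(user, False)` for a verified user, would make the contract explicit. The comparison on `email_verification_code_expiry` would also raise if that field can be null on a matching row, which depends on the model and is not shown here.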


@ -111,8 +111,13 @@ async def sign_in_with_magic_link(
EmailVerificationApiRateLimiter(requests=10, window=60 * 60 * 24, slug="magic_link_verification") EmailVerificationApiRateLimiter(requests=10, window=60 * 60 * 24, slug="magic_link_verification")
), ),
): ):
user = await aget_user_validated_by_email_verification_code(code, email) user, code_is_expired = await aget_user_validated_by_email_verification_code(code, email)
if user: if user:
if code_is_expired:
request.session["user"] = {}
return Response(status_code=403)
id_info = { id_info = {
"email": user.email, "email": user.email,
} }
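Review bot: The `if code_is_expired:` branch looks unreachable: it appears to sit under `if user:` (nesting inferred from line order, since the render dropped indentation), but `aget_user_validated_by_email_verification_code` as changed in this commit returns `None, True` for an expired code, so `user` is falsy whenever the flag is set. An expired code would then take the same path as a failed lookup instead of producing the 403 the client now handles. Testing the flag first fixes this: place `if code_is_expired:`, `request.session["user"] = {}` and `return Response(status_code=403)` ahead of `if user:`. A test that submits an expired code and asserts the 403 would pin the behaviour. The function body continues past the end of this hunk.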