This commit adds a complete email authentication flow for the Telegram bot, allowing users to login with email + password instead of web app linking codes. Includes critical bug fixes for Oracle integration.

**New Features:**
- Email-based 2FA authentication with 6-digit codes sent via SMTP
- Backend endpoints: verify-email and login-with-email
- ConversationHandler for email authentication flow in Telegram bot
- Session token verification to prevent user ID spoofing
- Rate limiting (5 attempts per 5 minutes)
- Email code expiry (5 minutes) with automatic cleanup

**Bug Fixes:**
- Fixed Oracle column name: ACTIV → INACTIV (with inverted logic)
- Fixed Oracle password verification: verificautilizator returns checksum, not user_id
- Fixed username case sensitivity: Oracle usernames must be uppercase
- Fixed SMTP connection: use start_tls parameter instead of manual STARTTLS
- Added middleware exclusions for public email auth endpoints

**Backend Changes:**
- Added verify-email endpoint (public) in telegram.py
- Added login-with-email endpoint (public) with rate limiting and session verification
- Updated middleware exclusions in main.py and auth_middleware_wrapper.py
- Added AUTH_SESSION_SECRET configuration for session token signing

**Telegram Bot Changes:**
- New modules: app/auth/email_auth.py, app/bot/email_handlers.py
- New utilities: app/utils/email_service.py (SMTP email sending)
- Updated handlers.py: ignore callbacks handled by ConversationHandler
- Updated menus.py: show Login button for unauthenticated users
- Updated API client: verify_email() and login_with_email() methods
- Database: email_auth_codes table with cleanup task

**Configuration:**
- Added SMTP configuration to telegram-bot .env.example
- Added AUTH_SESSION_SECRET to backend .env.example
- Updated .gitignore: exclude temporary files (*.pid, *.checksum, test scripts)

**Dependencies:**
- Added aiosmtplib for async SMTP email sending

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
87 lines
2.0 KiB
Python
"""
|
|
Database module for Telegram Bot
|
|
|
|
Provides SQLite database operations for:
|
|
- User management and Oracle account linking
|
|
- Authentication code management
|
|
- Conversation session management
|
|
"""
|
|
|
|
from .database import (
|
|
init_database,
|
|
get_db_connection,
|
|
cleanup_expired_codes,
|
|
cleanup_expired_sessions,
|
|
cleanup_expired_email_codes,
|
|
get_database_stats,
|
|
DB_PATH,
|
|
)
|
|
|
|
from .operations import (
|
|
# User operations
|
|
create_or_update_user,
|
|
get_user,
|
|
link_user_to_oracle,
|
|
update_user_tokens,
|
|
update_user_last_active,
|
|
is_user_linked,
|
|
is_user_authenticated,
|
|
# Auth code operations
|
|
create_auth_code,
|
|
get_auth_code,
|
|
verify_and_use_auth_code,
|
|
get_pending_codes_for_user,
|
|
# Email auth code operations
|
|
get_pending_email_code,
|
|
create_email_auth_code,
|
|
get_email_auth_code,
|
|
increment_failed_attempts,
|
|
mark_email_code_used,
|
|
delete_user_email_codes,
|
|
# Session operations
|
|
create_session,
|
|
get_session,
|
|
get_user_active_session,
|
|
update_session_state,
|
|
delete_session,
|
|
delete_user_sessions,
|
|
)
|
|
|
|
__all__ = [
|
|
# Database setup
|
|
'init_database',
|
|
'get_db_connection',
|
|
'cleanup_expired_codes',
|
|
'cleanup_expired_sessions',
|
|
'cleanup_expired_email_codes',
|
|
'get_database_stats',
|
|
'DB_PATH',
|
|
# User operations
|
|
'create_or_update_user',
|
|
'get_user',
|
|
'link_user_to_oracle',
|
|
'update_user_tokens',
|
|
'update_user_last_active',
|
|
'is_user_linked',
|
|
'is_user_authenticated',
|
|
# Auth code operations
|
|
'create_auth_code',
|
|
'get_auth_code',
|
|
'verify_and_use_auth_code',
|
|
'get_pending_codes_for_user',
|
|
# Email auth code operations
|
|
'get_pending_email_code',
|
|
'create_email_auth_code',
|
|
'get_email_auth_code',
|
|
'increment_failed_attempts',
|
|
'mark_email_code_used',
|
|
'delete_user_email_codes',
|
|
# Session operations
|
|
'create_session',
|
|
'get_session',
|
|
'get_user_active_session',
|
|
'update_session_state',
|
|
'delete_session',
|
|
'delete_user_sessions',
|
|
]
|
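The commit message lists a 6-digit email code with a 5-minute expiry and a 5-attempt limit. The sketch below is an added example, not code from this repository, showing one way to enforce those three properties plus single use on SQLite. The table `demo_email_codes`, the function names and the per-code attempt counter are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 5 * 60   # commit message: codes expire after 5 minutes
MAX_ATTEMPTS = 5    # commit message: 5 attempts (assumed counted per issued code)

def _digest(code, salt):
    # Store only a salted hash so a copied DB file does not expose live codes.
    return hashlib.sha256(salt + code.encode()).digest()

def init_demo_table(conn):
    conn.execute("""CREATE TABLE IF NOT EXISTS demo_email_codes (
        telegram_id INTEGER PRIMARY KEY, salt BLOB, digest BLOB,
        expires_at REAL, failed INTEGER DEFAULT 0, used INTEGER DEFAULT 0)""")

def issue_code(conn, telegram_id, now=None):
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, zero-padded to 6 digits
    salt = secrets.token_bytes(16)
    # REPLACE drops any older pending code for this user and resets the counter.
    conn.execute("REPLACE INTO demo_email_codes VALUES (?,?,?,?,0,0)",
                 (telegram_id, salt, _digest(code, salt), now + CODE_TTL))
    conn.commit()
    return code

def verify_code(conn, telegram_id, submitted, now=None):
    now = time.time() if now is None else now
    row = conn.execute(
        "SELECT salt, digest, expires_at, failed, used "
        "FROM demo_email_codes WHERE telegram_id=?", (telegram_id,)).fetchone()
    if row is None:
        return "no_code"
    salt, digest, expires_at, failed, used = row
    if used:
        return "used"
    if now >= expires_at:
        return "expired"
    if failed >= MAX_ATTEMPTS:
        return "locked"  # even the correct code is refused once the limit is hit
    if not hmac.compare_digest(_digest(submitted, salt), digest):
        conn.execute("UPDATE demo_email_codes SET failed=failed+1 WHERE telegram_id=?", (telegram_id,))
        conn.commit()
        return "wrong"
    # Guarded UPDATE: only one of two racing requests can flip used from 0 to 1.
    cur = conn.execute("UPDATE demo_email_codes SET used=1 WHERE telegram_id=? AND used=0", (telegram_id,))
    conn.commit()
    return "ok" if cur.rowcount == 1 else "used"
```

The `now` parameter exists only so expiry can be exercised deterministically in tests; production callers would omit it.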