From 159ac8fb71f703b127c97f12bc096c1e79fc64fa Mon Sep 17 00:00:00 2001 From: Lars Date: Wed, 29 Apr 2026 11:51:41 +0200 Subject: [PATCH] feat: add utility function for verification link expiration check - Introduced a new function to determine if a verification link has expired, improving error handling in the email verification process. - Updated the email verification logic to utilize the new function, enhancing clarity and maintainability of the code. --- backend/routers/auth.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/backend/routers/auth.py b/backend/routers/auth.py index f9ee14e..b740576 100644 --- a/backend/routers/auth.py +++ b/backend/routers/auth.py @@ -168,6 +168,18 @@ def _public_app_base() -> str: return (os.getenv("APP_URL") or "https://shinkan.jinkendo.de").rstrip("/") +def _verification_link_expired(expires_at) -> bool: + """ + True, wenn Ablaufzeit in der Vergangenheit liegt. + PG liefert TIMESTAMP oft als naive datetime — Vergleich mit timezone-aware UTC + würde sonst TypeError → 500. + """ + if expires_at is None: + return False + deadline = expires_at.replace(tzinfo=timezone.utc) if expires_at.tzinfo is None else expires_at.astimezone(timezone.utc) + return datetime.now(timezone.utc) > deadline + + def verification_link(token: str) -> str: """Link zur Web-App (`/verify?token=`); die SPA ruft wie bei Mitai die API auf.""" return f"{_public_app_base()}/verify?token={quote(token, safe='')}" @@ -340,7 +352,7 @@ async def verify_email(token: str): raise HTTPException(400, "E-Mail-Adresse bereits bestätigt") # Check if token expired - if prof['verification_expires'] and datetime.now(timezone.utc) > prof['verification_expires']: + if _verification_link_expired(prof["verification_expires"]): raise HTTPException(400, "Verifikations-Link abgelaufen. Bitte registriere dich erneut.") # Mark as verified and clear token