confirm and auth email

auth/authenticate.py

@@ -67,6 +67,9 @@ class JWTAuthenticate(AuthenticationBackend):
 		if payload is None:
 			return AuthCredentials(scopes=[]), AuthUser(user_id=None)
 
+		if not payload.device in ("pc", "mobile"):
+			return AuthCredentials(scopes=[]), AuthUser(user_id=None)
+
 		scopes = User.get_permission(user_id=payload.user_id)
 		return AuthCredentials(user_id=payload.user_id, scopes=scopes, logged_in=True), AuthUser(user_id=payload.user_id)
 
@@ -89,8 +92,11 @@ class EmailAuthenticate:
 			raise InvalidToken("invalid token")
 		with local_session() as session:
 			user = session.query(User).filter_by(id=payload.user_id).first()
-		if not user:
-			raise Exception("user not exist")
+			if not user:
+				raise Exception("user not exist")
+			if not user.emailConfirmed:
+				user.emailConfirmed = True
+				session.commit()
 		auth_token = await Authorize.authorize(user)
 		return (auth_token, user)
 

auth/email.py

@@ -11,11 +11,20 @@ MAILGUN_FROM = "postmaster <postmaster@%s>" % (MAILGUN_DOMAIN)
 
 AUTH_URL = "%s/email_authorize" % (BACKEND_URL)
 
+async def send_confirm_email(user):
+	text = "<html><body>To confirm registration follow the <a href='%s'>link</link></body></html>"
+	await send_email(user, text)
+
 async def send_auth_email(user):
+	text = "<html><body>To enter the site follow the <a href='%s'>link</link></body></html>"
+	await send_email(user, text)
+
+async def send_email(user, text):
 	token = await EmailAuthenticate.get_email_token(user)
 
 	to = "%s <%s>" % (user.username, user.email)
-	text = "%s?token=%s" % (AUTH_URL, token)
+	auth_url_with_token = "%s?token=%s" % (AUTH_URL, token)
+	text = text % (auth_url_with_token)
 	response = requests.post(
 		MAILGUN_API_URL,
 		auth = ("api", MAILGUN_API_KEY),
@@ -23,7 +32,7 @@ async def send_auth_email(user):
 			"from": MAILGUN_FROM,
 			"to": to,
 			"subject": "authorize log in",
-			"text": text
+			"html": text
 			}
 		)
 	response.raise_for_status()