feat(auth,privacy,web): step-by-step login, privacy settings persistence, TOTP QR, and API docs

2026-03-08 12:09:53 +03:00
parent 1546ae7381
commit 79baadb522
19 changed files with 2034 additions and 79 deletions
--- a/app/auth/router.py
+++ b/app/auth/router.py
@@ -5,6 +5,7 @@ from sqlalchemy.ext.asyncio import AsyncSession

 from app.auth.schemas import (
    AuthUserResponse,
+    EmailStatusResponse,
    LoginRequest,
    MessageResponse,
    RefreshTokenRequest,
@@ -30,6 +31,7 @@ from app.auth.service import (
    revoke_user_session,
    refresh_tokens,
    register_user,
+    get_email_status,
    request_password_reset,
    resend_verification_email,
    reset_password,
@@ -45,6 +47,14 @@ from app.users.models import User
 router = APIRouter(prefix="/auth", tags=["auth"])


+@router.get("/check-email", response_model=EmailStatusResponse)
+async def check_email_status(
+    email: str,
+    db: AsyncSession = Depends(get_db),
+) -> EmailStatusResponse:
+    return await get_email_status(db, email=email)
+
+
@router.post("/register", response_model=MessageResponse, status_code=status.HTTP_201_CREATED)
 async def register(
    payload: RegisterRequest,
--- a/app/auth/schemas.py
+++ b/app/auth/schemas.py
@@ -1,6 +1,7 @@
 from datetime import datetime

 from pydantic import BaseModel, ConfigDict, EmailStr, Field
+from app.users.schemas import GroupInvitePrivacyLevel, PrivacyLevel


 class RegisterRequest(BaseModel):
@@ -58,6 +59,10 @@ class AuthUserResponse(BaseModel):
    avatar_url: str | None = None
    email_verified: bool
    twofa_enabled: bool
+    allow_private_messages: bool = True
+    privacy_last_seen: PrivacyLevel = "everyone"
+    privacy_avatar: PrivacyLevel = "everyone"
+    privacy_group_invites: GroupInvitePrivacyLevel = "everyone"
    created_at: datetime
    updated_at: datetime

@@ -76,3 +81,10 @@ class TwoFactorSetupRead(BaseModel):

 class TwoFactorCodeRequest(BaseModel):
    code: str = Field(min_length=6, max_length=8)
+
+
+class EmailStatusResponse(BaseModel):
+    email: EmailStr
+    registered: bool
+    email_verified: bool = False
+    twofa_enabled: bool = False
--- a/app/auth/service.py
+++ b/app/auth/service.py
@@ -16,6 +16,7 @@ from app.auth.token_store import (
    store_refresh_token_jti,
 )
 from app.auth.schemas import (
+    EmailStatusResponse,
    LoginRequest,
    RefreshTokenRequest,
    RegisterRequest,
@@ -343,3 +344,15 @@ async def get_current_user_for_ws(token: str, db: AsyncSession) -> User:

 def get_email_sender() -> EmailService:
    return get_email_service()
+
+
+async def get_email_status(db: AsyncSession, email: str) -> EmailStatusResponse:
+    user = await get_user_by_email(db, email)
+    if not user:
+        return EmailStatusResponse(email=email, registered=False)
+    return EmailStatusResponse(
+        email=email,
+        registered=True,
+        email_verified=user.email_verified,
+        twofa_enabled=user.twofa_enabled,
+    )