Development

docker/routlin-dash/app/pages/accountlogin/action.py

@@ -31,6 +31,33 @@ def form_login():
         return redirect(f'/{_PAGE}')
 
     if not account.get('hashed_password'):
+        # Either brand-new account or email change approved - check for a pending verification row
+        try:
+            con = config_utils.open_accounts_db()
+            client = con.execute(
+                'SELECT * FROM clients WHERE email=? AND verification_code IS NOT NULL', (email,)
+            ).fetchone()
+            if client and client['cookie_unique_token'] != session.sid:
+                con.execute(
+                    '''INSERT INTO clients (cookie_unique_token, email, hashed_password, verification_code, code_sent_ts)
+                       VALUES (?,?,?,?,?)
+                       ON CONFLICT(cookie_unique_token) DO UPDATE SET
+                           email=excluded.email,
+                           hashed_password=excluded.hashed_password,
+                           verification_code=excluded.verification_code,
+                           code_sent_ts=excluded.code_sent_ts''',
+                    (session.sid, client['email'], client['hashed_password'],
+                     client['verification_code'], client['code_sent_ts'])
+                )
+                con.execute('DELETE FROM clients WHERE cookie_unique_token=?',
+                            (client['cookie_unique_token'],))
+            con.commit()
+            con.close()
+        except Exception:
+            client = None
+        if client:
+            flash('Please check your inbox and enter your verification code.', 'info')
+            return redirect('/accountverifyemail')
         flash('Account setup is not complete. Please use Create Account to set your password first.', 'error')
         return redirect(f'/{_PAGE}')