Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature: implement endpoint for sending verification emails #835

Open
2 of 3 tasks
Isak-Bego opened this issue Jan 11, 2025 · 0 comments
Open
2 of 3 tasks

feature: implement endpoint for sending verification emails #835

Isak-Bego opened this issue Jan 11, 2025 · 0 comments
Labels
api high priority python

Comments

@Isak-Bego
Copy link
Collaborator

Isak-Bego commented Jan 11, 2025
edited by IvanObreshkov
Loading

Brief description:

We aim to provide our users with the functionality of being able to retry sending a verification email if they don't receive it. This way the process of verifying is safer.

For this reason, we have to have an endpoint that the client side can trigger by passing the email or participant object id that will retry sending a verification email. This endpoint can be an extension of the already established verification endpoint /api/v3/hackathon/participants/verify. A suggestion could be /api/v3/hackathon/participants/verify/send-email

How to achieve it:

We should rate limit this process in case someone tries to spam the endpoint and rate limit our resend service (since with the free tier we can only send so many emails within a given time). @cl3vy has already provided a working solution. We firstly need to update the structure of the participant document to:

@dataclass(kw_only=True)
class Participant(Base):
    """A representation of the Participant entity in Mongo. It is also the schema of how the entity should look
    like in Mongo before it is inserted"""
    name: str
    email: EmailStr
    is_admin: bool
    email_verified: bool = field(default=False)
    team_id: Optional[SerializableObjectId]
    last_sent_email: Optional[datetime] = field(default=None)

Then every time we get a request in this endpoint, we check if enough time has passed since the last email sent.

        # Check rate limit
        if participant.last_sent_email:
            if datetime.now() - participant.last_sent_email < timedelta(seconds=RATE_LIMIT_SECONDS):
                LOG.error(f"Rate limit exceeded for participant {participant.id} with email {participant.email}.")
                return Err(EmailRateLimitExceededError())

If the rate limit is not exceeded you proceed with sending the email.
You can get some inspiration from these changes: 600e52d

Prerequisites

The following issues should be closed before starting work with this one:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api high priority python
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Isak-Bego