lukbrew25
diff --git a/‎README.md‎
Lines changed: 33 additions & 9 deletions b/‎README.md‎
Lines changed: 33 additions & 9 deletions
diff --git a/‎dist/easy_mongodb_auth_handler-1.0.8.tar.gz‎
-23.6 KB b/‎dist/easy_mongodb_auth_handler-1.0.8.tar.gz‎
-23.6 KB
diff --git a/‎dist/easy_mongodb_auth_handler-1.0.8-py3-none-any.whl‎ renamed to ‎dist/easy_mongodb_auth_handler-1.0.9-py3-none-any.whl‎
21.3 KB b/‎dist/easy_mongodb_auth_handler-1.0.8-py3-none-any.whl‎ renamed to ‎dist/easy_mongodb_auth_handler-1.0.9-py3-none-any.whl‎
21.3 KB
diff --git a/‎dist/easy_mongodb_auth_handler-1.0.9.tar.gz‎
24.5 KB b/‎dist/easy_mongodb_auth_handler-1.0.9.tar.gz‎
24.5 KB
diff --git a/‎setup.py‎
Lines changed: 1 addition & 1 deletion b/‎setup.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/easy_mongodb_auth_handler/auth.py‎
Lines changed: 83 additions & 9 deletions b/‎src/easy_mongodb_auth_handler/auth.py‎
Lines changed: 83 additions & 9 deletions
@@ -81,7 +81,11 @@ auth = Auth(
 This code initializes the package. 
 The mail arguments are not required, but needed to use verification code functionality. 
 The `blocking` argument is optional and defaults to `True`. If set to `True`, it enables user blocking functionality.
-All methods return True or False with additional detailed outcome reports.
+All methods return True or False (unless the method is meant to return data) with additional detailed outcome reports (as in the following format):
+{
+    "success": True/False, 
+    "message": "specific message or error code"
+}
 
 ## Function Reference - auth.example_func(args)
 
@@ -103,6 +107,12 @@ All functions return a dictionary: `{"success": True/False, "message": "specific
     - `password` (`str`): User's password.
     - `custom_data` (`any`, optional): Additional user info to store. If None, defaults to an empty dictionary.
 
+- **register_user_no_pass(email, custom_data=None)**
+  - Registers a user without a password and sends a verification code via email.
+  - **Parameters:**
+    - `email` (`str`): User's email address.
+    - `custom_data` (`any`, optional): Additional user info to store. If None, defaults to an empty dictionary.
+
 - **verify_user(email, code)**
   - Verifies a user by checking the provided verification code.
   - **Parameters:**
@@ -116,6 +126,19 @@ All functions return a dictionary: `{"success": True/False, "message": "specific
   - **Parameters:**
     - `email` (`str`): User's email address.
     - `password` (`str`): User's password.
+    - `mfa` (`bool`, optional): If set to `True`, it will send the user a six-digit code to their email for multi-factor authentication. Defaults to `False`.
+- 
+- **verify_mfa_code(email, code)**
+  - Verifies the multi-factor authentication code sent to the user's email. Can be used in conjunction with register_user_no_pass(), verify_user(), and generate_code() for passwordless sign-in.
+  - **Parameters:**
+    - `email` (`str`): User's email address.
+    - `code` (`str`): Six-digit code sent to the user's email.
+
+### MFA Code Management
+- **generate_code(email)**
+  - Generates and emails a code to the user. Call before password and email resets or when signing in without password.
+  - **Parameters:**
+    - `email` (`str`): User's email address.
 
 ### Password Management
 
@@ -126,11 +149,6 @@ All functions return a dictionary: `{"success": True/False, "message": "specific
     - `old_password` (`str`): User's current password.
     - `new_password` (`str`): New password to set.
 
-- **generate_reset_code(email)**
-  - Generates and emails a password reset code to the user.
-  - **Parameters:**
-    - `email` (`str`): User's email address.
-
 - **verify_reset_code_and_reset_password(email, reset_code, new_password)**
   - Verifies a password reset code and resets the user's password.
   - **Parameters:**
@@ -148,7 +166,7 @@ All functions return a dictionary: `{"success": True/False, "message": "specific
     - `password` (`str`): User's password.
 
 - **verify_reset_code_and_change_email(email, reset_code, new_email, password=None)**
-  - Changes the user's email address after verifying a reset code sent to their email. Optionally verifies the password.
+  - Changes the user's email address after verifying a reset code sent to their email. Optionally uses password verification if the user has a saved password or one is provided.
   - **Parameters:**
     - `email` (`str`): User's current email address.
     - `reset_code` (`str`): Reset code sent to the user's email.
@@ -188,14 +206,20 @@ When a user is blocked, they cannot log in or perform any actions that require a
 ### Custom User Data
 Custom user data is a flexible field that can store any type of data. It is stored alongside the normal user data.
 Store all custom data in a dictionary format for more storage and to use the 2nd and 4th functions in the section below.
+If the method is meant to return data, it will do so in the following format:
+
+{
+    "success": True/False,
+    "message": "Custom user data if success OR error code if failure"
+}
 
 - **get_cust_usr_data(email)**
-  - Retrieves all custom user data for the user.
+  - Returns all custom user data for the user.
   - **Parameters:**
     - `email` (`str`): User's email address.
 
 - **get_some_cust_usr_data(email, field)**
-  - Retrieves a specific dictionary entry from the user's custom data. REQUIRES the custom data to be stored in a dictionary format.
+  - Returns a specific dictionary entry from the user's custom data. REQUIRES the custom data to be stored in a dictionary format.
   - **Parameters:**
     - `email` (`str`): User's email address.
     - `field` (`str`): Dictionary name to retrieve.
 
@@ -11,7 +11,7 @@
 
 setup(
     name="easy_mongodb_auth_handler",
-    version="1.0.8",
+    version="1.0.9",
     description="A user authentication and verification system using MongoDB.",
     author="Lukbrew25",
     long_description=long_description,
 
@@ -250,6 +250,50 @@ def register_user(self, email, password, custom_data=None):
         except Exception as error:
             return {"success": False, "message": str(error)}
 
+    def register_user_no_pass(self, email, custom_data=None):
+        """
+        registers a user without password and instead uses email verification.
+
+        Args:
+            email (str): User's email address.
+            custom_data: Custom data to save with the user.
+
+        Returns:
+            dict: Success status and message.
+        """
+        if custom_data is None:
+            custom_data = {}
+        if not self.mail_info:
+            raise ValueError("Mail server information is required for user verification.")
+        try:
+            if not validate_email(email):
+                return {"success": False, "message": self.messages["invalid_email"]}
+            if self.users.find_one({"email": email}):
+                return {"success": False, "message": self.messages["user_exists"]}
+
+            if self.blocking:
+                blocked_user = self._find_blocked_user(email)
+                if blocked_user:
+                    if blocked_user["blocked"]:
+                        return {"success": False, "message": self.messages["user_blocked"]}
+                else:
+                    self.blocked.insert_one({"email": email, "blocked": False})
+            verification_code = generate_secure_code()
+            send_verification_email(self.mail_info, email, verification_code)
+            self.users.insert_one(
+                {
+                    "email": email,
+                    "password": None,
+                    "verification_code": verification_code,
+                    "blocked": False,
+                    "verified": False,
+                    "custom_data": custom_data
+                }
+            )
+            return {"success": True, "message": self.messages["verification_code_sent"]}
+        except Exception as error:
+            return {"success": False, "message": str(error)}
+
     def verify_user(self, email, code):
         """
         verifies a user's email using a verification code.
@@ -273,13 +317,14 @@ def verify_user(self, email, code):
         except Exception as error:
             return {"success": False, "message": str(error)}
 
-    def authenticate_user(self, email, password):
+    def authenticate_user(self, email, password, mfa=False):
         """
         authenticates a user
 
         Args:
             email (str): User's email address.
             password (str): User's password.
+            mfa (bool): Enable multi-factor authentication.
 
         Returns:
             dict: Success status and message.
@@ -292,11 +337,40 @@ def authenticate_user(self, email, password):
             if not user["verified"]:
                 return {"success": False, "message": self.messages["not_verified"]}
             if check_password(user, password):
+                if mfa:
+                    verification_code = generate_secure_code()
+                    self.users.find_one_and_update(
+                        {"email": email},
+                        {"$set": {"verification_code": verification_code}}
+                    )
+                    send_verification_email(self.mail_info, email, verification_code)
                 return {"success": True, "message": self.messages["authentication_success"]}
             return {"success": False, "message": self.messages["invalid_creds"]}
         except Exception as error:
             return {"success": False, "message": str(error)}
 
+    def verify_mfa_code(self, email, code):
+        """
+        verifies a user's MFA code
+
+        Args:
+            email (str): User's email address.
+            code (str): MFA code.
+
+        Returns:
+            dict: Success status and message.
+        """
+        try:
+            user = self._find_user(email)
+            output = self._block_checker(email, user)
+            if output:
+                return output
+            if user["verification_code"] == code:
+                return {"success": True, "message": self.messages["mfa_success"]}
+            return {"success": False, "message": self.messages["invalid_mfa_code"]}
+        except Exception as error:
+            return {"success": False, "message": str(error)}
+
     def delete_user(self, email, password, del_from_blocking=True):
         """
         deletes a user account
@@ -332,9 +406,9 @@ def delete_user(self, email, password, del_from_blocking=True):
         except Exception as error:
             return {"success": False, "message": str(error)}
 
-    def generate_reset_code(self, email):
+    def generate_code(self, email):
         """
-        Generates a password reset code and sends it to the user's email.
+        Generates a code and sends it to the user's email.
 
         Args:
             email (str): User's email address.
@@ -350,7 +424,7 @@ def generate_reset_code(self, email):
                 return {"success": False, "message": self.messages["user_not_found"]}
 
             reset_code = generate_secure_code()
-            self.users.update_one({"email": email}, {"$set": {"reset_code": reset_code}})
+            self.users.update_one({"email": email}, {"$set": {"verification_code": reset_code}})
             send_verification_email(self.mail_info, email, reset_code)
             return {"success": True, "message": self.messages["verification_code_sent"]}
         except Exception as error:
@@ -372,12 +446,12 @@ def verify_reset_code_and_reset_password(self, email, reset_code, new_password):
             user = self.users.find_one({"email": email})
             if not user:
                 return {"success": False, "message": self.messages["user_not_found"]}
-            if user.get("reset_code") != reset_code:
+            if user.get("verification_code") != reset_code:
                 return {"success": False, "message": self.messages["invalid_reset"]}
 
             hashed_password = hash_password(new_password)
             self.users.update_one(
-                {"email": email}, {"$set": {"password": hashed_password, "reset_code": None}}
+                {"email": email}, {"$set": {"password": hashed_password, "verification_code": None}}
             )
             return {"success": True, "message": self.messages["password_reset_success"]}
         except Exception as error:
@@ -403,14 +477,14 @@ def verify_reset_code_and_change_email(self, email, reset_code, new_email, passw
                 return {"success": False, "message": self.messages["user_not_found"]}
             if self.users.find_one({"email": new_email}):
                 return {"success": False, "message": self.messages["user_exists"]}
-            if user.get("reset_code") != reset_code:
+            if user.get("verification_code") != reset_code:
                 return {"success": False, "message": self.messages["invalid_reset"]}
-            if password:
+            if password or user_info.get("password"):
                 if not check_password(user_info, password):
                     return {"success": False, "message": self.messages["invalid_pass"]}
 
             self.users.update_one(
-                {"email": email}, {"$set": {"email": new_email, "reset_code": None}}
+                {"email": email}, {"$set": {"email": new_email, "verification_code": None}}
             )
             return {"success": True, "message": self.messages["success"]}
         except Exception as error: