qzl/social-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): switch signup to OTP verification flow

Browse Source 
Replace legacy signup with start/verify/resend endpoints, add OTP-focused mail templates and auth rate limits, and align compose/env/runbook for local self-hosted Supabase OTP behavior.
This commit is contained in:
qzl
2026-02-25 13:34:02 +08:00
parent 02e5e52e1f
commit 1cc8fa1abf
16 changed files with 707 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/tests/unit/v1/auth/test_auth_models.py
+15 -3
View File
@@ -8,22 +8,34 @@ from v1.auth.schemas import (
AuthUser,
LoginRequest,
RefreshRequest,
SignupRequest,
SignupStartRequest,
SignupVerifyRequest,
SignupResendRequest,
)
def test_signup_requires_valid_email() -> None:
with pytest.raises(ValidationError):
SignupRequest(username="demo", email="not-an-email", password="secret123")
SignupStartRequest(username="demo", email="not-an-email", password="secret123")
def test_signup_requires_username() -> None:
with pytest.raises(ValidationError):
SignupRequest.model_validate(
SignupStartRequest.model_validate(
{"email": "user@example.com", "password": "secret123"}
)
def test_signup_verify_requires_six_digit_token() -> None:
with pytest.raises(ValidationError):
SignupVerifyRequest(email="user@example.com", token="abc123")
def test_signup_resend_requires_valid_email() -> None:
with pytest.raises(ValidationError):
SignupResendRequest(email="invalid")
def test_login_requires_valid_email() -> None:
with pytest.raises(ValidationError):
LoginRequest(email="invalid", password="secret123")