ZeeshanML
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎auth.py‎
Lines changed: 8 additions & 0 deletions b/‎auth.py‎
Lines changed: 8 additions & 0 deletions
diff --git a/‎config.py‎
Lines changed: 13 additions & 0 deletions b/‎config.py‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎email_utils.py‎
Lines changed: 63 additions & 0 deletions b/‎email_utils.py‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎main.py‎
Lines changed: 53 additions & 5 deletions b/‎main.py‎
Lines changed: 53 additions & 5 deletions
diff --git a/‎media/profile_pics/1fb37d5bd0ac4e96947ffb7780a4d100.jpg‎
34.1 KB b/‎media/profile_pics/1fb37d5bd0ac4e96947ffb7780a4d100.jpg‎
34.1 KB
diff --git a/‎media/profile_pics/5b1fb45b34f04935b296cc0a46e1d765.jpg‎
16.8 KB b/‎media/profile_pics/5b1fb45b34f04935b296cc0a46e1d765.jpg‎
16.8 KB
diff --git a/‎media/profile_pics/9aa3eafdc3f14cd88d848af00829e6e2.jpg‎
-19.8 KB b/‎media/profile_pics/9aa3eafdc3f14cd88d848af00829e6e2.jpg‎
-19.8 KB
diff --git a/‎media/profile_pics/db5d7cb9e20148acadd4e5e683f2a93b.jpg‎
25.4 KB b/‎media/profile_pics/db5d7cb9e20148acadd4e5e683f2a93b.jpg‎
25.4 KB
diff --git a/‎media/profile_pics/download.jpeg‎
-6.26 KB b/‎media/profile_pics/download.jpeg‎
-6.26 KB
@@ -7,6 +7,7 @@
 ### Database Files ###
 *.sqlite3
 *.db
+populate_db.py
 
 ### macOS ###
 # General
 
@@ -5,6 +5,8 @@
 import jwt
 from fastapi.security import OAuth2PasswordBearer
 from pwdlib import PasswordHash
+import hashlib
+import secrets
 
 from config import settings
 
@@ -28,6 +30,12 @@ def hash_password(password: str) -> str:
 def verify_password(plain_password: str, hashed_password: str) -> bool:
     return password_hash.verify(plain_password, hashed_password)
 
+def generate_reset_token() -> str:
+    return secrets.token_urlsafe(32)
+
+def hash_reset_token(token: str) -> str:
+    return hashlib.sha256(token.encode()).hexdigest()
+
 
 def create_access_token(data: dict, expires_delta: timedelta | None = None) -> str:
     """Create a JWT access token."""
 
@@ -13,5 +13,18 @@ class Settings(BaseSettings):
 
     max_upload_size_bytes: int = 5 * 1024 * 1024
 
+    posts_per_page: int = 10
+
+    reset_token_expire_minutes: int = 60
+
+    mail_server: str = "localhost"
+    mail_port: int = 587
+    mail_username: str = ""
+    mail_password: SecretStr = SecretStr("")
+    mail_from: str = "noreply@example.com"
+    mail_use_tls: bool = True
+
+    frontend_url: str = "http://localhost:8000"
+
 
 settings = Settings() # Loaded from .env file
@@ -0,0 +1,63 @@
+from email import message
+from email.message import EmailMessage
+
+import aiosmtplib
+from fastapi.templating import Jinja2Templates
+
+from config import settings
+
+templates = Jinja2Templates(directory="templates")
+
+
+async def send_email(
+    to_email: str,
+    subject: str,
+    plain_text: str,
+    html_content: str | None = None,
+) -> None:
+    message = EmailMessage()
+    message["From"] = settings.mail_from
+    message["To"] = to_email
+    message["Subject"] = subject
+
+    message.set_content(plain_text)
+
+    if html_content:
+        message.add_alternative(html_content, subtype="html")
+
+    await aiosmtplib.send(
+            message,
+            hostname=settings.mail_server,
+            port=settings.mail_port,
+            username=settings.mail_username if settings.mail_username else None,
+            password=settings.mail_password.get_secret_value() or None,
+            start_tls=settings.mail_use_tls,
+        )
+
+
+async def send_password_reset_email(to_email: str, username: str, token: str) -> None:
+    reset_url = f"{settings.frontend_url}/reset-password?token={token}"
+
+    template = templates.env.get_template("email/password_reset.html")
+    html_content = template.render(reset_url=reset_url, username=username)
+
+    plain_text = f"""Hi {username},
+
+    You requested to reset your password. Click the link below to set a new password:
+
+    {reset_url}
+
+    This link will expire in 1 hour.
+
+    If you didn't request this, you can safely ignore this email.
+
+    Best regards,
+    The FastAPI Blog Team
+    """
+
+    await send_email(
+        to_email=to_email,
+        subject="Reset Your Password - FastAPI Blog",
+        plain_text=plain_text,
+        html_content=html_content,
+    )
@@ -9,14 +9,13 @@
 from fastapi.exceptions import RequestValidationError
 from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
-from sqlalchemy import select
+from sqlalchemy import select, func
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import selectinload
 from starlette.exceptions import HTTPException as StarletteHTTPException
-
 import models
 from database import Base, engine, get_db
-
+from config import settings
 from routers import users, posts
 
 
@@ -44,16 +43,28 @@ async def lifespan(_app: FastAPI):
 @app.get("/", include_in_schema=False, name="home")
 @app.get("/posts", include_in_schema=False, name="posts")
 async def home(request: Request, db: Annotated[AsyncSession, Depends(get_db)]):
+    count_result = await db.execute(select(func.count()).select_from(models.Post))
+    total = count_result.scalar() or 0
+
     result = await db.execute(
         select(models.Post)
         .options(selectinload(models.Post.author))
         .order_by(models.Post.date_posted.desc())
+        .limit(settings.posts_per_page),
     )
     posts = result.scalars().all()
+
+    has_more = len(posts) < total
+
     return templates.TemplateResponse(
         request,
         "home.html",
-        {"posts": posts, "title": "Home"},
+        {
+            "posts": posts,
+            "title": "Home",
+            "limit": settings.posts_per_page,
+            "has_more": has_more,
+        },
     )
 
 
@@ -92,17 +103,35 @@ async def user_posts_page(
             status_code=status.HTTP_404_NOT_FOUND,
             detail="User not found",
         )
+
+    count_result = await db.execute(
+        select(func.count())
+        .select_from(models.Post)
+        .where(models.Post.user_id == user_id),
+    )
+    total = count_result.scalar() or 0
+
     result = await db.execute(
         select(models.Post)
         .options(selectinload(models.Post.author))
         .where(models.Post.user_id == user_id)
         .order_by(models.Post.date_posted.desc())
+        .limit(settings.posts_per_page),
     )
     posts = result.scalars().all()
+
+    has_more = len(posts) < total
+
     return templates.TemplateResponse(
         request,
         "user_posts.html",
-        {"posts": posts, "user": user, "title": f"{user.username}'s Posts"},
+        {
+            "posts": posts,
+            "user": user,
+            "title": f"{user.username}'s Posts",
+            "limit": settings.posts_per_page,
+            "has_more": has_more,
+        },
     )
 
 
@@ -131,6 +160,25 @@ async def account_page(request: Request):
         {"title": "Account"},
     )
 
+@app.get("/forgot-password", include_in_schema=False)
+async def forgot_password_page(request: Request):
+    return templates.TemplateResponse(
+        request,
+        "forgot_password.html",
+        {"title": "Forgot Password"},
+    )
+
+
+@app.get("/reset-password", include_in_schema=False)
+async def reset_password_page(request: Request):
+    response = templates.TemplateResponse(
+        request,
+        "reset_password.html",
+        {"title": "Reset Password"},
+    )
+    response.headers["Referrer-Policy"] = "no-referrer"
+    return response
+
 
 @app.exception_handler(StarletteHTTPException)
 async def general_http_exception_handler(