- app/utils.py: shared valid_email() + now_utc() (one email regex, was duplicated in auth.py and admin.py with a looser "@"-in check elsewhere). - security.hash_token(): one SHA-256 token hasher (was duplicated in auth.py + state.py). - auth.admin_user dependency + count_admins() helper, replacing the inline role checks and the last-admin count query repeated across admin.py/me.py/tags.py.
17 lines
696 B
Python
17 lines
696 B
Python
"""Small cross-cutting helpers shared across modules (kept dependency-light on purpose)."""
|
|
import re
|
|
from datetime import datetime, timezone
|
|
|
|
# Single source of truth for "looks like an email" — used by every endpoint that accepts an
|
|
# address (auth register/reset/demo, admin invites + demo whitelist, the setup wizard). Keep
|
|
# the strictness in one place so routes don't drift between this and a looser "@"-in check.
|
|
_EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
|
|
|
|
|
|
def valid_email(value: str | None) -> bool:
|
|
return bool(value and _EMAIL_RE.match(value))
|
|
|
|
|
|
def now_utc() -> datetime:
|
|
"""Current time as a timezone-aware UTC datetime."""
|
|
return datetime.now(timezone.utc)
|