添加邮件验证

app/database/__init__.py

@@ -23,6 +23,7 @@ from .counts import (
     ReplayWatchedCount,
 )
 from .daily_challenge import DailyChallengeStats, DailyChallengeStatsResp
+from .email_verification import EmailVerification, LoginSession
 from .favourite_beatmapset import FavouriteBeatmapset
 from .lazer_user import (
     User,

app/database/email_verification.py

@@ -0,0 +1,44 @@
+"""
+邮件验证相关数据库模型
+"""
+
+from __future__ import annotations
+
+from datetime import datetime, UTC
+from sqlmodel import SQLModel, Field
+from sqlalchemy import Column, BigInteger, ForeignKey
+
+
+class EmailVerification(SQLModel, table=True):
+    """邮件验证记录"""
+    
+    __tablename__: str = "email_verifications"
+    
+    id: int | None = Field(default=None, primary_key=True)
+    user_id: int = Field(sa_column=Column(BigInteger, ForeignKey("lazer_users.id"), nullable=False, index=True))
+    email: str = Field(index=True)
+    verification_code: str = Field(max_length=8)  # 8位验证码
+    created_at: datetime = Field(default_factory=lambda: datetime.now(UTC))
+    expires_at: datetime = Field()  # 验证码过期时间
+    is_used: bool = Field(default=False)  # 是否已使用
+    used_at: datetime | None = Field(default=None)
+    ip_address: str | None = Field(default=None)  # 请求IP
+    user_agent: str | None = Field(default=None)  # 用户代理
+
+
+class LoginSession(SQLModel, table=True):
+    """登录会话记录"""
+    
+    __tablename__: str = "login_sessions"
+    
+    id: int | None = Field(default=None, primary_key=True)
+    user_id: int = Field(sa_column=Column(BigInteger, ForeignKey("lazer_users.id"), nullable=False, index=True))
+    session_token: str = Field(unique=True, index=True)  # 会话令牌
+    ip_address: str = Field()  # 登录IP
+    user_agent: str | None = Field(default=None)
+    country_code: str | None = Field(default=None)
+    is_verified: bool = Field(default=False)  # 是否已验证
+    created_at: datetime = Field(default_factory=lambda: datetime.now(UTC))
+    verified_at: datetime | None = Field(default=None)
+    expires_at: datetime = Field()  # 会话过期时间
+    is_new_location: bool = Field(default=False)  # 是否新位置登录

app/database/lazer_user.py

@@ -475,6 +475,25 @@ class UserResp(UserBase):
             )
         ).one()
 
+        # 检查会话验证状态
+        # 如果邮件验证功能被禁用，则始终设置 session_verified 为 true
+        from app.config import settings
+        if not settings.enable_email_verification:
+            u.session_verified = True
+        else:
+            # 如果用户有未验证的登录会话，则设置 session_verified 为 false
+            from .email_verification import LoginSession
+            unverified_session = (
+                await session.exec(
+                    select(LoginSession).where(
+                        LoginSession.user_id == obj.id,
+                        LoginSession.is_verified == False,
+                        LoginSession.expires_at > datetime.now(UTC)
+                    )
+                )
+            ).first()
+            u.session_verified = unverified_session is None
+
         return u