def test_sendmail(self):
with mock.patch("smtplib.SMTP") as MockSMTP:
instance = MockSMTP.return_value
mailer = Mailer("*****@*****.**")
rv = mailer.send("*****@*****.**", "test mail", "test body", "test body html")
assert rv
assert instance.sendmail.called
assert instance.quit.called
def test_sendmail(self):
with mock.patch('smtplib.SMTP') as MockSMTP:
instance = MockSMTP.return_value
mailer = Mailer('*****@*****.**')
rv = mailer.send('*****@*****.**',
'test mail', 'test body', 'test body html')
assert rv
assert instance.sendmail.called
assert instance.quit.called
def reset_request():
"""Begins the password reset procedure"""
form = forms.PasswordResetForm()
if form.validate_on_submit():
user = User.query.filter_by(
email=form.email.data
).options(
joinedload('reset_token')
).first()
# Even if the user wans't found, redirects to the "done" page
# to avoid user enumeration.
# WARNING: this method could suffer from a user enumeration
# though a timing attack.
if user is None:
app.logger.error(
"PasswordReset requested for an "
"invalid account: %s" % str(form.email.data)
)
return render_template('request_reset_done.html',
unknown_user=True)
if user.reset_token:
if not user.reset_token.expired():
return render_template('request_reset_done.html',
already_requested=True)
else:
db.Session.delete(user.reset_token)
db.Session.commit()
user.reset_token = ResetToken()
token = user.reset_token.token
reset_url = make_external(url_for('reset_password', token=token))
msg_txt = render_template('password_reset_email.txt',
reset_url=reset_url)
msg_html = render_template('password_reset_email.html',
reset_url=reset_url)
reset_sender = app.config.get('MAIL_FROM')
mailer = Mailer(reset_sender)
result = mailer.send(user.email, "Password reset", msg_txt, msg_html)
if result:
db.Session.commit()
return render_template('request_reset_done.html', result=result)
return render_template('request_reset.html', form=form)
