Beispiel #1
def expired(request, user):
    """Re-send the recovery email for ``user`` and render the "expired" page.

    A ``LostPasswordHash`` is obtained through ``for_user`` and its
    ``send_email`` is invoked on every call; nothing in this view throttles
    how often that happens.

    NOTE(review): the account's email address is handed to the template --
    confirm the page is only reachable by someone already entitled to see it,
    and that the caller rate-limits this path.
    """
    recovery = LostPasswordHash.for_user(user)
    recovery.send_email(request)

    return render_to_response(
        'sentry/account/recover/expired.html',
        {'email': recovery.user.email},
        request,
    )
def expired(request, user):
    """Send a fresh recovery email for ``user`` and show the "expired" page.

    The view asks ``LostPasswordHash.for_user`` for the user's recovery
    record, calls ``send_email`` on it, and renders the template resolved by
    ``get_template("recover", "expired")``.

    NOTE(review): every call sends mail and no throttle is applied here;
    verify that the calling code limits how often this can be triggered. The
    rendered context also carries the account's email address.
    """
    recovery = LostPasswordHash.for_user(user)
    recovery.send_email(request)

    page_context = {"email": recovery.user.email}
    template_name = get_template("recover", "expired")
    return render_to_response(template_name, page_context, request)
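    def send_sso_unlink_email(self, actor, provider):
        """Queue the "SSO disabled" notification email for this member.

        The message is built from the ``auth-sso-disabled`` templates and sent
        asynchronously to the address returned by ``self.get_email()``.
        ``actor`` and ``provider`` are passed to the template context as
        given. Returns ``None``; nothing is sent when the member has no
        ``user_id``.

        The context always contains a recovery URL with the email address in
        its query string. When the user has no password it also contains a
        ``set_password`` link derived from a ``LostPasswordHash``.

        NOTE(review): that link lets its holder set the account password, so
        its lifetime and single-use behaviour (not visible here) matter.
        """
        from sentry.utils.email import MessageBuilder
        from sentry.models import LostPasswordHash

        email = self.get_email()

        recover_uri = u"{path}?{query}".format(
            path=reverse("sentry-account-recover"), query=urlencode({"email": email})
        )

        # Nothing to send if this member isn't associated to a user
        if not self.user_id:
            return

        # Only the truthiness is needed downstream. Passing the stored
        # password value itself would put the credential hash into the email
        # template context for no benefit.
        # NOTE(review): any non-empty stored value still counts as "has a
        # password", exactly as before -- confirm whether
        # has_usable_password() is the intended test.
        has_password = bool(self.user.password)

        context = {
            "email": email,
            "recover_url": absolute_uri(recover_uri),
            "has_password": has_password,
            "organization": self.organization,
            "actor": actor,
            "provider": provider,
        }

        if not has_password:
            password_hash = LostPasswordHash.for_user(self.user)
            context["set_password_url"] = password_hash.get_absolute_url(mode="set_password")

        msg = MessageBuilder(
            subject="Action Required for %s" % (self.organization.name,),
            template="sentry/emails/auth-sso-disabled.txt",
            html_template="sentry/emails/auth-sso-disabled.html",
            type="organization.auth_sso_disabled",
            context=context,
        )
        msg.send_async([email])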
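    def send_sso_unlink_email(self, actor, provider):
        """Queue the "SSO disabled" notification email for this member.

        The message is built from the ``auth-sso-disabled`` templates and sent
        asynchronously to the address returned by ``self.get_email()``.
        ``actor`` and ``provider`` are passed to the template context as
        given. Returns ``None``; nothing is sent when the member has no
        associated user.

        The context always contains a recovery URL with the email address in
        its query string. When the user has no password it also contains a
        ``set_password`` link derived from a ``LostPasswordHash``.

        NOTE(review): that link lets its holder set the account password, so
        its lifetime and single-use behaviour (not visible here) matter.
        """
        from sentry.utils.email import MessageBuilder
        from sentry.models import LostPasswordHash

        email = self.get_email()

        # A member that is not linked to a user has no password state to
        # report, and dereferencing self.user.password below would raise
        # AttributeError, so stop before building anything.
        if not self.user_id:
            return

        recover_uri = '{path}?{query}'.format(
            path=reverse('sentry-account-recover'),
            query=urlencode({'email': email}),
        )

        # Only the truthiness is needed downstream. Passing the stored
        # password value itself would put the credential hash into the email
        # template context for no benefit.
        # NOTE(review): any non-empty stored value still counts as "has a
        # password", exactly as before -- confirm whether
        # has_usable_password() is the intended test.
        has_password = bool(self.user.password)

        context = {
            'email': email,
            'recover_url': absolute_uri(recover_uri),
            'has_password': has_password,
            'organization': self.organization,
            'actor': actor,
            'provider': provider,
        }

        if not has_password:
            password_hash = LostPasswordHash.for_user(self.user)
            context['set_password_url'] = password_hash.get_absolute_url(mode='set_password')

        msg = MessageBuilder(
            subject='Action Required for %s' % (self.organization.name, ),
            template='sentry/emails/auth-sso-disabled.txt',
            html_template='sentry/emails/auth-sso-disabled.html',
            type='organization.auth_sso_disabled',
            context=context,
        )
        msg.send_async([email])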
def recover(request):
    """Serve the password-recovery form and trigger the recovery email.

    POST requests are checked against a rate limiter keyed on
    ``REMOTE_ADDR`` (5 per 60-second window); a limited request gets a plain
    text 429 response. For a valid form the matched user's
    ``LostPasswordHash`` sends its email and the "sent" template is rendered.
    That template is rendered even when ``cleaned_data["user"]`` is falsy.
    Otherwise the "index" template is rendered with the form.

    NOTE(review): the limiter key is the peer address only. Behind a reverse
    proxy that may be the proxy's address, and there is no per-account limit
    here -- confirm both against the deployment. Rendering "sent" for an
    unmatched account looks intended to avoid revealing which accounts
    exist; verify the template does not differ on ``email``.
    """
    from sentry.app import ratelimiter

    client_ip = request.META["REMOTE_ADDR"]
    log_extra = {
        "ip_address": client_ip,
        "user_agent": request.META.get("HTTP_USER_AGENT"),
    }

    if request.method == "POST":
        # Budget: 5 attempts per address in any 60-second window.
        throttled = ratelimiter.is_limited(
            "accounts:recover:{}".format(client_ip),
            limit=5,
            window=60,
        )
        if throttled:
            logger.warning("recover.rate-limited", extra=log_extra)
            return HttpResponse(
                "You have made too many password recovery attempts. Please try again later.",
                content_type="text/plain",
                status=429,
            )

    initial_values = {"user": request.GET.get("email")}
    form = RecoverPasswordForm(request.POST or None, initial=initial_values)
    # Raw submitted value, recorded before validation so failures are traceable.
    log_extra["user_recovered"] = form.data.get("user")

    if not form.is_valid():
        if form._errors:
            logger.warning("recover.error", extra=log_extra)
        return render_to_response(
            get_template("recover", "index"), {"form": form}, request
        )

    account = form.cleaned_data["user"]
    if account:
        recovery = LostPasswordHash.for_user(account)
        recovery.send_email(request)

        log_extra["passwordhash_id"] = recovery.id
        log_extra["user_id"] = recovery.user_id
        logger.info("recover.sent", extra=log_extra)

    return render_to_response(
        get_template("recover", "sent"), {"email": account}, request
    )
Beispiel #6
def recover(request):
    """Serve the password-recovery form and trigger the recovery email.

    POST requests are checked against a rate limiter keyed on
    ``REMOTE_ADDR`` (5 per 60-second window); a limited request gets a plain
    text 429 response. For a valid form the matched user's
    ``LostPasswordHash`` sends its email and ``recover/sent.html`` is
    rendered. That template is rendered even when ``cleaned_data['user']``
    is falsy. Otherwise ``recover/index.html`` is rendered with the form.

    NOTE(review): the limiter key is the peer address only. Behind a reverse
    proxy that may be the proxy's address, and there is no per-account limit
    here -- confirm both against the deployment. Rendering the "sent" page
    for an unmatched account looks intended to avoid revealing which
    accounts exist; verify the template does not differ on ``email``.
    """
    from sentry.app import ratelimiter

    client_ip = request.META['REMOTE_ADDR']
    log_extra = {
        'ip_address': client_ip,
        'user_agent': request.META.get('HTTP_USER_AGENT'),
    }

    if request.method == 'POST':
        # Budget: 5 attempts per address in any 60-second window.
        throttled = ratelimiter.is_limited(
            u'accounts:recover:{}'.format(client_ip),
            limit=5,
            window=60,
        )
        if throttled:
            logger.warning('recover.rate-limited', extra=log_extra)
            return HttpResponse(
                'You have made too many password recovery attempts. Please try again later.',
                content_type='text/plain',
                status=429,
            )

    initial_values = {'user': request.GET.get('email')}
    form = RecoverPasswordForm(request.POST or None, initial=initial_values)
    # Raw submitted value, recorded before validation so failures are traceable.
    log_extra['user_recovered'] = form.data.get('user')

    if not form.is_valid():
        if form._errors:
            logger.warning('recover.error', extra=log_extra)
        return render_to_response(
            'sentry/account/recover/index.html', {'form': form}, request
        )

    account = form.cleaned_data['user']
    if account:
        recovery = LostPasswordHash.for_user(account)
        recovery.send_email(request)

        log_extra['passwordhash_id'] = recovery.id
        log_extra['user_id'] = recovery.user_id
        logger.info('recover.sent', extra=log_extra)

    return render_to_response(
        'sentry/account/recover/sent.html', {'email': account}, request
    )
Beispiel #7
def recover(request):
    """Handle the account-recovery page: throttle, validate, then send mail.

    Flow, as written below:
      1. A POST is refused with a plain-text 429 when the rate limiter
         reports the caller's ``REMOTE_ADDR`` as limited (limit 5, window 60).
      2. The form is bound to ``request.POST`` (or left unbound) and
         pre-filled from the ``email`` query parameter.
      3. On a valid form, a truthy ``cleaned_data['user']`` gets its
         ``LostPasswordHash`` email sent; the "sent" page is rendered either
         way.
      4. Otherwise the "index" page is rendered with the form, and a warning
         is logged if the form carries errors.

    NOTE(review): throttling is per peer address, not per target account, and
    ``REMOTE_ADDR`` may be a proxy address depending on deployment -- confirm.
    The log records include the raw submitted ``user`` value.
    """
    from sentry.app import ratelimiter

    meta = request.META
    audit = {
        'ip_address': meta['REMOTE_ADDR'],
        'user_agent': meta.get('HTTP_USER_AGENT'),
    }

    is_post = request.method == 'POST'
    if is_post and ratelimiter.is_limited(
        u'accounts:recover:{}'.format(audit['ip_address']),
        limit=5,
        window=60,  # five attempts per minute per address
    ):
        logger.warning('recover.rate-limited', extra=audit)
        too_many = 'You have made too many password recovery attempts. Please try again later.'
        return HttpResponse(too_many, content_type='text/plain', status=429)

    form = RecoverPasswordForm(
        request.POST or None,
        initial={'user': request.GET.get('email')},
    )
    audit['user_recovered'] = form.data.get('user')

    if form.is_valid():
        matched_user = form.cleaned_data['user']
        if matched_user:
            lost_hash = LostPasswordHash.for_user(matched_user)
            lost_hash.send_email(request)

            audit['passwordhash_id'] = lost_hash.id
            audit['user_id'] = lost_hash.user_id
            logger.info('recover.sent', extra=audit)

        # Rendered whether or not an account matched.
        return render_to_response(
            'sentry/account/recover/sent.html',
            {'email': matched_user},
            request,
        )

    if form._errors:
        logger.warning('recover.error', extra=audit)

    return render_to_response(
        'sentry/account/recover/index.html',
        {'form': form},
        request,
    )
Beispiel #8
def expired(request, user):
    """Issue the recovery email for ``user`` again and render the "expired" page.

    ``LostPasswordHash.for_user`` supplies the recovery record, whose
    ``send_email`` is called unconditionally before the template is rendered
    with the account's email address.

    NOTE(review): no throttling is visible in this view; confirm the caller
    bounds how often it can be reached for the same account.
    """
    lost_hash = LostPasswordHash.for_user(user)
    lost_hash.send_email(request)

    template_context = {'email': lost_hash.user.email}
    return render_to_response(
        'sentry/account/recover/expired.html', template_context, request
    )