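def reset_password():
    """
    POST method that sends a password reset link to the email address
    that is registered in our system.

    :return: (JSON body, HTTP status) tuple: 401 when a user is already
        logged in, 415 when the email is missing or malformed, 404 when no
        account has that email, 201 once the link has been sent
    """
    if 'user_id' in session:
        return json.dumps({'message': 'Logged user cannot reset password'}), 401

    # A missing body, or a missing / non-string 'email', is answered like any
    # other invalid address instead of failing with TypeError/KeyError (500).
    data = request.get_json()
    email = data.get('email') if isinstance(data, dict) else None
    # NOTE(review): re.match only anchors at the start of the string; confirm
    # that UserSchema.reg_email carries its own end anchor.
    if not isinstance(email, str) or not re.match(UserSchema.reg_email, email):
        return json.dumps({'message': 'Email is invalid'}), 415

    user = User.query.filter(User.email == email).first()
    if not user:
        # NOTE(review): 404 here versus 201 below tells an unauthenticated
        # caller whether an address is registered. Returning the same reply
        # in both cases would close that, but it changes the API contract,
        # so it is only flagged here.
        return json.dumps({'message': f'Email {email} not found'}), 404

    # NOTE(review): nothing in this handler bounds the token's lifetime or
    # makes it single-use; confirm generate_confirmation_token and the
    # confirm endpoint enforce an expiry.
    token = generate_confirmation_token(user.email)
    subject = "Password reset requested"
    # NOTE(review): with _external=True the host part of the link is normally
    # taken from the incoming request unless SERVER_NAME is configured;
    # confirm the deployment pins or validates the Host header, because this
    # link carries the reset token.
    recover_url = (
        url_for('index', _external=True)
        + 'reset_password_confirm/'
        + token.decode('utf-8')
    )
    html = f'Reset Password link {recover_url}'
    send_email(user.email, subject, html)
    return json.dumps(
        {'message': f'reset password link sent to email {email}'}), 201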
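def post(self):
    """
    Set a new password for the user identified by a reset token.

    Reads 'reset_token' and 'password' from the JSON body, resolves the user
    from the token's 'identity' claim, stores the new password and e-mails a
    confirmation to the user.

    :raises SchemaValidationError: body is not a JSON object, or either field
        is missing, empty or not a string
    :raises BadTokenError: the token could not be decoded or is invalid
    :raises InternalServerError: any other failure
    :return: whatever send_email returns
    """
    try:
        body = request.get_json()
        # A missing or non-object body is a schema error, not a server error.
        if not isinstance(body, dict):
            raise SchemaValidationError
        reset_token = body.get('reset_token')
        password = body.get('password')
        if not isinstance(reset_token, str) or not isinstance(password, str):
            raise SchemaValidationError
        if not reset_token or not password:
            raise SchemaValidationError

        # NOTE(review): any token decode_token accepts is honoured here.
        # Nothing in this handler checks that the token was issued for a
        # password reset or that it has not been used before; confirm that
        # is enforced elsewhere.
        user_id = decode_token(reset_token)['identity']
        user = User.objects.get(id=user_id)

        # NOTE(review): if User is a MongoEngine document, modify() writes
        # the given value to the database immediately, i.e. the plaintext
        # password would be persisted before hash_password()/save() replace
        # it. Confirm, and prefer assigning the attribute before hashing.
        # No password-strength check is visible here either.
        user.modify(password=password)
        user.hash_password()
        user.save()

        return send_email('[Movie-bag] Password reset successful',
                          sender='*****@*****.**',
                          recipients=[user.email],
                          text_body='Password reset was successful',
                          html_body='<p>Password reset was successful</p>')
    except SchemaValidationError:
        raise
    # NOTE(review): a dedicated ExpiredSignatureError -> ExpiredTokenError
    # mapping was disabled in the original; presumably expired tokens now
    # surface through InvalidTokenError below (confirm).
    except (DecodeError, InvalidTokenError) as err:
        raise BadTokenError from err
    except Exception as err:
        # Keep the original cause attached for server-side diagnostics.
        raise InternalServerError from err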
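def post(self):
    """
    Start a password reset: e-mail a reset link to the given address.

    Reads 'email' from the JSON body, looks the user up, creates a token
    that expires after 24 hours and sends it as part of a link built from
    the request's host URL.

    :raises SchemaValidationError: body is not a JSON object, or 'email' is
        missing, empty or not a string
    :raises EmailDoesnotExistsError: the lookup returned no user
    :raises InternalServerError: any other failure
    :return: whatever send_email returns
    """
    # NOTE(review): request.host_url is derived from the Host header of the
    # incoming request. Unless the server or proxy restricts accepted hosts,
    # the link mailed below can point at a host chosen by the requester while
    # carrying a valid reset token; prefer a configured base URL.
    url = request.host_url + 'reset/'
    try:
        body = request.get_json()
        # A missing or non-object body is a schema error, not a server error.
        if not isinstance(body, dict):
            raise SchemaValidationError
        email = body.get('email')
        # Only a non-empty plain string is passed on as a query value.
        if not isinstance(email, str) or not email:
            raise SchemaValidationError

        # NOTE(review): if User is a MongoEngine document, objects.get()
        # raises DoesNotExist instead of returning None, so the check below
        # would never fire and an unknown address would end up as
        # InternalServerError (confirm).
        user = User.objects.get(email=email)
        if not user:
            # NOTE(review): a distinct error for unknown addresses lets an
            # unauthenticated caller enumerate registered e-mails.
            raise EmailDoesnotExistsError

        expires = datetime.timedelta(hours=24)
        # NOTE(review): the reset token is minted with create_access_token;
        # if that is the same function used for API sessions, the value in
        # the e-mailed link may also be accepted as an access token for 24
        # hours. Confirm, and consider a dedicated, single-use token type.
        reset_token = create_access_token(str(user.id), expires_delta=expires)

        return send_email(
            '[Movie-bag] Reset Your Password',
            sender='*****@*****.**',
            recipients=[user.email],
            text_body=render_template('email/reset_password.txt',
                                      url=url + reset_token),
            html_body=render_template('email/reset_password.html',
                                      url=url + reset_token))
    except SchemaValidationError:
        raise
    except EmailDoesnotExistsError:
        raise
    except Exception as err:
        # Keep the original cause attached for server-side diagnostics.
        raise InternalServerError from err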
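def send_templink(path, emails):
    """
    Generate a token for a file path and e-mail the download link.

    :param path: path to file
    :param emails: list of emails of recipients
    :return: status
    """
    # NOTE(review): the file path is carried inside the token and the link
    # works as a bearer credential. Confirm the token is signed and
    # time-limited, and that the endpoint consuming it restricts the decoded
    # path to the directory it is meant to serve.
    token = generate_confirmation_token(path)
    subject = "Your file has been processed!"
    recover_url = (
        url_for('index', _external=True)
        + 'api/temp_link/'
        + token.decode('utf-8')
    )
    # Adjacent literals instead of a backslash continuation inside the
    # string, which embedded the source indentation in the message body.
    html = (
        'Your file has been processed successfully. '
        f'Please download it from link {recover_url}'
    )
    send_email(emails, subject, html)
    return 'Link sent'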
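def reset_request():
    """
    POST method that sends a password reset link to the email address
    that is registered in our system.

    :return: (JSON response, HTTP status) tuple: 401 when a user is already
        logged in, 415 when the email is missing or malformed, 404 when no
        account has that email, 201 once the link has been sent
    """
    ttl = 60 * 60
    if 'user_id' in session:
        return jsonify({
            'message': 'Logged user cannot reset password'
        }), Status.HTTP_401_UNAUTHORIZED

    # A missing body, or a missing / non-string 'email', is answered like any
    # other invalid address instead of failing with TypeError/KeyError (500).
    data = request.get_json()
    email = data.get('email') if isinstance(data, dict) else None
    # NOTE(review): re.match only anchors at the start of the string; confirm
    # that UserSchema.reg_email carries its own end anchor.
    if not isinstance(email, str) or not re.match(UserSchema.reg_email, email):
        return jsonify({
            'message': 'Email is invalid'
        }), Status.HTTP_415_UNSUPPORTED_MEDIA_TYPE

    user = DataBaseManager.get_user_by_email(email)
    if not user:
        # NOTE(review): 404 here versus 201 below tells an unauthenticated
        # caller whether an address is registered. Returning the same reply
        # in both cases would close that, but it changes the API contract,
        # so it is only flagged here.
        return jsonify({
            'message': f'Email {email} not found'
        }), Status.HTTP_404_NOT_FOUND

    token = generate_confirmation_token(user.email)
    subject = "Password reset requested"
    # NOTE(review): with _external=True the host part of the link is normally
    # taken from the incoming request unless SERVER_NAME is configured;
    # confirm the deployment pins or validates the Host header, because this
    # link carries the reset token.
    recover_url = (
        url_for('index', _external=True)
        + 'reset_password_confirm/'
        + token.decode('utf-8')
    )
    html = f'Reset Password link {recover_url}'
    send_email(user.email, subject, html)
    # The token is recorded with an expiry of `ttl` only after the mail has
    # gone out.
    # NOTE(review): presumably the confirm endpoint looks the token up here
    # and deletes it on use; verify. If REDIS is a redis-py 3.x+ client, a
    # bool value is rejected by set(); confirm the stored value type.
    REDIS.set(token, True, ex=ttl)
    return jsonify({
        'message': f'reset password link sent to email {email}'
    }), Status.HTTP_201_CREATED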
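def register():
    """
    POST method for registration.

    Creates the user when the email is unknown, otherwise re-checks the
    supplied password against the stored hash, then e-mails a confirmation
    link.

    :return: (JSON body, HTTP status) tuple: 400 when email/password are
        missing or the password does not match, 401 when the email belongs
        to a confirmed user, 201 once the confirmation link has been sent
    """
    # A missing body or missing / non-string fields are rejected up front
    # instead of failing with TypeError/KeyError (HTTP 500).
    data = request.get_json()
    if not isinstance(data, dict):
        data = {}
    email = data.get('email')
    password = data.get('password')
    if not isinstance(email, str) or not isinstance(password, str):
        return json.dumps({'message': 'Email and password are required'}), 400

    user = User.query.filter(User.email == email).first()
    # NOTE(review): the 401 below and the 400 "incorrect password" reply let
    # an unauthenticated caller learn whether an address is registered, and
    # the 400 path compares a supplied password with a stored hash with no
    # attempt limit visible here; confirm rate limiting is applied upstream.
    if user and user.confirmed:
        return json.dumps({'message': f'email: {email} already exist'}), 401

    if not user:
        user = User.create(email, password)

    # For an existing, unconfirmed account the link is re-sent only when the
    # supplied password matches the one stored for it.
    password_matches = check_password_hash(pwhash=user.password,
                                           password=password)
    if not password_matches:
        return json.dumps({
            'message':
            'You entered incorrect password please reset your password'
        }), 400

    token = generate_confirmation_token(user.email)
    confirm_url = (
        url_for('index', _external=True) + 'confirm/' + token.decode('utf-8')
    )
    html = f'Link: {confirm_url}'
    subject = "Please confirm your email"
    send_email(user.email, subject, html)
    return json.dumps({
        'message':
        f'Please confirm registration and link sent to {user.email}'
    }), 201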
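def register():
    """
    POST method for registration.

    Creates the user when the email is unknown, otherwise re-checks the
    supplied password against the stored hash, then e-mails a confirmation
    link.

    :return: (JSON response, HTTP status) tuple: 400 when email/password are
        missing or the password does not match, 401 when the email belongs
        to a confirmed user, 201 once the confirmation link has been sent
    """
    # A missing body or missing / non-string fields are rejected up front
    # instead of failing with TypeError/KeyError (HTTP 500).
    data = request.get_json()
    if not isinstance(data, dict):
        data = {}
    email = data.get('email')
    password = data.get('password')
    if not isinstance(email, str) or not isinstance(password, str):
        return jsonify({
            'message': 'Email and password are required'
        }), Status.HTTP_400_BAD_REQUEST

    user = DataBaseManager.get_user_by_email(email)
    # NOTE(review): the 401 below and the 400 "incorrect password" reply let
    # an unauthenticated caller learn whether an address is registered, and
    # the 400 path compares a supplied password with a stored hash with no
    # attempt limit visible here; confirm rate limiting is applied upstream.
    if user and user.confirmed:
        return jsonify({
            'message': f'email: {email} already exist'
        }), Status.HTTP_401_UNAUTHORIZED

    if not user:
        user = User.create(email, password)

    # For an existing, unconfirmed account the link is re-sent only when the
    # supplied password matches the one stored for it.
    password_matches = check_password_hash(pwhash=user.password,
                                           password=password)
    if not password_matches:
        return jsonify({
            'message':
            'You entered incorrect password please reset your password'
        }), Status.HTTP_400_BAD_REQUEST

    token = generate_confirmation_token(user.email)
    confirm_url = (
        url_for('index', _external=True) + 'confirm/' + token.decode('utf-8')
    )
    html = f'Link: {confirm_url}'
    subject = "Please confirm your email"
    send_email(user.email, subject, html)
    # The reply does not echo the address back to the caller.
    return jsonify({
        'message': 'Please confirm registration via email'
    }), Status.HTTP_201_CREATED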
def send_confirm_email(email, fullname, **kwargs):
    """
    E-mail an address-confirmation link to a user.

    :param email: recipient address; also the value encoded into the token
    :param fullname: name passed to the e-mail body template
    :param kwargs: accepted but not used by this function
    """
    # NOTE(review): TOKEN_UPTIME is presumably the token lifetime; its unit
    # is not visible here. Confirm it against encode_token.
    token = encode_token(email, int(TOKEN_UPTIME))
    link_prefix = SERVER_BASE_URL + 'register/confirm_email/'
    activation_url = link_prefix + token
    body_html = email_template.gen_confirm_email_body_template(
        fullname, email, activation_url)
    mail_service.send_email("uShop's email confirmation", email, body_html)