def view_pw_reset(context, request): # Second step: User is visiting reset url if 'key' in request.params: key = request.params['key'] if 'form.submitted' in request.params: try: # FormEncode validation schema = PWResetSchema() form_result = schema.to_python(request.params) except formencode.validators.Invalid, why: form = render_template('templates/password_reset.pt', request=request, api=TemplateAPI(request)) # FormEncode fills template with error messages form = htmlfill.render(form, defaults=request.params, errors=why.error_dict) return Response(form) else: session = DBSession() user = session.query(User).filter_by(email=form_result['email']).one() if key == user.password_reset_key(): user.password = '******' % sha.new(form_result['password'].encode('utf-8')).hexdigest() # Login directly headers = [] plugins = request.environ.get('repoze.who.plugins', {}) identifier = plugins.get('auth_tkt') if identifier: identity = {'repoze.who.userid': form_result['email']} headers = identifier.remember(request.environ, identity) request.environ['repoze.who.userid'] = form_result['email'] return HTTPFound(location = model_url(context, request), headers=headers) else: statusmessage.show(request, u"Retrieve request not valid.", u"error") return render_template_to_response('templates/password_reset.pt', request=request, api=TemplateAPI(request))
def view_pw_reset(context, request): # Second step: User is visiting reset url if 'key' in request.params: key = request.params['key'] if 'form.submitted' in request.params: try: # FormEncode validation schema = PWResetSchema() form_result = schema.to_python(request.params) except formencode.validators.Invalid, why: form = render_template('templates/password_reset.pt', request=request, api=TemplateAPI(request)) # FormEncode fills template with error messages form = htmlfill.render(form, defaults=request.params, errors=why.error_dict) return Response(form) else: session = DBSession() user = session.query(User).filter_by( email=form_result['email']).one() if key == user.password_reset_key(): user.password = '******' % sha.new( form_result['password'].encode('utf-8')).hexdigest() # Login directly headers = [] plugins = request.environ.get('repoze.who.plugins', {}) identifier = plugins.get('auth_tkt') if identifier: identity = {'repoze.who.userid': form_result['email']} headers = identifier.remember(request.environ, identity) request.environ['repoze.who.userid'] = form_result['email'] return HTTPFound(location=model_url(context, request), headers=headers) else: statusmessage.show(request, u"Retrieve request not valid.", u"error") return render_template_to_response('templates/password_reset.pt', request=request, api=TemplateAPI(request))
if 'form.submitted' in request.params: try: # FormEncode validation schema = PWResetRequestSchema() form_result = schema.to_python(request.params) except formencode.validators.Invalid, why: form = render_template( 'templates/password_retrieve.pt', request=request, api=TemplateAPI(request), ) # FormEncode fills template with error messages form = htmlfill.render(form, defaults=request.params, errors=why.error_dict) return Response(form) else: session = DBSession() user = session.query(User).filter_by( email=form_result['email']).one() reset_url = model_url(get_root(request), request, 'retrieve_password.html') user.send_password_reset(reset_url) statusmessage.show(request, u'Password retrieval e-mail sent.') return HTTPFound(location=model_url(context, request)) return render_template_to_response('templates/password_retrieve.pt', request=request, api=TemplateAPI(request))
identity = {'repoze.who.userid': form_result['email']} headers = identifier.remember(request.environ, identity) request.environ['repoze.who.userid'] = form_result['email'] return HTTPFound(location = model_url(context, request), headers=headers) else: statusmessage.show(request, u"Retrieve request not valid.", u"error") return render_template_to_response('templates/password_reset.pt', request=request, api=TemplateAPI(request)) # First step: Create and send reset url if 'form.submitted' in request.params: try: # FormEncode validation schema = PWResetRequestSchema() form_result = schema.to_python(request.params) except formencode.validators.Invalid, why: form = render_template('templates/password_retrieve.pt', request = request, api=TemplateAPI(request),) # FormEncode fills template with error messages form = htmlfill.render(form, defaults=request.params, errors=why.error_dict) return Response(form) else: session = DBSession() user = session.query(User).filter_by(email=form_result['email']).one() reset_url = model_url(get_root(request), request, 'retrieve_password.html') user.send_password_reset(reset_url) statusmessage.show(request, u'Password retrieval e-mail sent.') return HTTPFound(location = model_url(context, request)) return render_template_to_response('templates/password_retrieve.pt', request=request, api=TemplateAPI(request))