Example #1
def recover(request):
    """Handle the password-recovery form and send the recovery mail.

    A valid submission looks up or creates the ``LostPasswordHash`` row for
    the submitted user. A row that ``is_valid()`` rejects is refreshed with a
    new timestamp and hash. A pre-existing row that is still valid blocks the
    request with a form-level error, so each account gets at most one live
    reset mail at a time.

    NOTE(review): no ``save()`` call is visible after the refresh; confirm
    that ``set_hash()`` or ``send_recover_mail()`` persists the new values.
    NOTE(review): the "sent" page echoes ``password_hash.user.email``. If the
    form accepts identifiers other than the e-mail address (not visible
    here), this reveals the address on file to whoever submitted the form.
    """
    form = RecoverPasswordForm(request.POST or None)

    if form.is_valid():
        account = form.cleaned_data['user']
        password_hash, created = LostPasswordHash.objects.get_or_create(user=account)

        if not password_hash.is_valid():
            # Rejected row: re-arm it and treat it like a newly created one.
            password_hash.date_added = timezone.now()
            password_hash.set_hash()
        elif not created:
            # Still-valid row from an earlier request: refuse to send again.
            form.errors['__all__'] = ['A password reset was already attempted for this account within the last 24 hours.']

    # Re-evaluated on purpose: the error injected above must stop the send.
    if not form.is_valid():
        return render_to_response('sentry/account/recover/index.html', {'form': form}, request)

    password_hash.send_recover_mail()
    sent_context = {'email': password_hash.user.email}
    return render_to_response('sentry/account/recover/sent.html', sent_context, request)
Example #2
def recover(request):
    """Handle the password-recovery form, adding a captcha after a failed POST.

    The form is built with ``captcha`` enabled only when the session carries
    ``needs_captcha``. A successful submission sends the recovery mail and
    clears the flag. A failed POST on a session without the flag sets it and
    re-renders the form with the captcha field shown.

    NOTE(review): unlike a variant that rejects a second request while the
    stored hash is still valid, this view mails on every valid submission.
    The only throttle visible here is the session-bound captcha, and a client
    that discards its session cookie never has the flag set.
    """
    captcha_required = bool(request.session.get('needs_captcha'))
    form = RecoverPasswordForm(request.POST or None, captcha=captcha_required)

    if form.is_valid():
        target_user = form.cleaned_data['user']
        password_hash, _created = LostPasswordHash.objects.get_or_create(user=target_user)
        if not password_hash.is_valid():
            # Rejected row: give it a new timestamp and hash before mailing.
            password_hash.date_added = timezone.now()
            password_hash.set_hash()

    if form.is_valid():
        password_hash.send_recover_mail()

        # Success clears the captcha requirement for this session.
        request.session.pop('needs_captcha', None)

        sent_context = {'email': password_hash.user.email}
        return render_to_response('sentry/account/recover/sent.html', sent_context, request)

    if request.POST and not request.session.get('needs_captcha'):
        # First failed POST: require a captcha from now on and rebuild the
        # form so the field is rendered, without blaming the user for not
        # having filled in a field that was not shown.
        request.session['needs_captcha'] = 1
        form = RecoverPasswordForm(request.POST or None, captcha=True)
        form.errors.pop('captcha', None)

    return render_to_response('sentry/account/recover/index.html', {'form': form}, request)
Example #3
def recover(request):
    """Handle the password-recovery form behind a per-address rate limit.

    POST requests are counted in a bucket keyed on ``REMOTE_ADDR``. Once the
    limiter reports the bucket as exhausted the view answers 429 before the
    form is parsed. Otherwise a valid form triggers
    ``send_password_recovery_mail`` and renders the "sent" page.

    NOTE(review): behind a reverse proxy ``REMOTE_ADDR`` is the proxy's
    address unless earlier middleware rewrites it, in which case every client
    shares one bucket; confirm against the deployment.
    NOTE(review): the limit is per source address only. Nothing here caps how
    many mails a single account can receive from many addresses.
    """
    from sentry.app import ratelimiter

    throttled = request.method == 'POST' and ratelimiter.is_limited(
        'accounts:recover:{}'.format(request.META['REMOTE_ADDR']),
        limit=5, window=60,  # 5 per minute should be enough for anyone
    )
    if throttled:
        return HttpResponse(
            'You have made too many password recovery attempts. Please try again later.',
            content_type='text/plain',
            status=429,
        )

    form = RecoverPasswordForm(request.POST or None)
    if not form.is_valid():
        return render_to_response('sentry/account/recover/index.html', {'form': form}, request)

    password_hash = send_password_recovery_mail(request, form.cleaned_data['user'])
    sent_context = {'email': password_hash.user.email}
    return render_to_response('sentry/account/recover/sent.html', sent_context, request)
Example #4
def recover(request):
    """Handle the password-recovery form and delegate the mail to a helper.

    An unbound or invalid form re-renders the request page. A valid one hands
    the cleaned user to ``send_password_recovery_mail`` and renders the
    "sent" page with the address from the returned hash's user.

    NOTE(review): no rate limit or captcha is applied in this view. Any
    throttling of repeated requests has to happen inside the form or the
    helper, neither of which is visible here.
    """
    form = RecoverPasswordForm(request.POST or None)

    if not form.is_valid():
        return render_to_response('sentry/account/recover/index.html', {'form': form}, request)

    password_hash = send_password_recovery_mail(form.cleaned_data['user'])
    sent_context = {'email': password_hash.user.email}
    return render_to_response('sentry/account/recover/sent.html', sent_context, request)
Example #5
def recover(request):
    """Handle the password-recovery form with rate limiting and audit logging.

    POST requests are counted per ``REMOTE_ADDR`` and answered with 429 once
    the limiter reports the bucket as exhausted. A valid form always renders
    the "sent" page. The mail itself is only sent when the cleaned ``user``
    value is truthy, so the response is the same in both cases. Rate-limit
    hits, form errors and successful sends are each logged with the client
    address, user agent and the submitted identifier.

    NOTE(review): ``user_recovered`` is the raw, unvalidated form value.
    It is passed through ``extra`` rather than the message, so whether it can
    distort log output depends on the configured formatter/handler.
    NOTE(review): behind a reverse proxy ``REMOTE_ADDR`` is the proxy's
    address unless earlier middleware rewrites it, so both the limiter bucket
    and the logged address need to be checked against the deployment.
    """
    from sentry.app import ratelimiter

    # Structured fields attached to every log record emitted below.
    extra = {
        'ip_address': request.META['REMOTE_ADDR'],
        'user_agent': request.META.get('HTTP_USER_AGENT'),
    }

    throttled = request.method == 'POST' and ratelimiter.is_limited(
        u'accounts:recover:{}'.format(extra['ip_address']),
        limit=5,
        window=60,  # 5 per minute should be enough for anyone
    )
    if throttled:
        logger.warning('recover.rate-limited', extra=extra)
        return HttpResponse(
            'You have made too many password recovery attempts. Please try again later.',
            content_type='text/plain',
            status=429,
        )

    # Allow a link such as ?email=... to pre-populate the field.
    form = RecoverPasswordForm(
        request.POST or None,
        initial={'user': request.GET.get('email')},
    )
    extra['user_recovered'] = form.data.get('user')

    if not form.is_valid():
        if form._errors:
            logger.warning('recover.error', extra=extra)
        return render_to_response('sentry/account/recover/index.html', {'form': form}, request)

    email = form.cleaned_data['user']
    if email:
        password_hash = LostPasswordHash.for_user(email)
        password_hash.send_email(request)

        extra['passwordhash_id'] = password_hash.id
        extra['user_id'] = password_hash.user_id
        logger.info('recover.sent', extra=extra)

    # Same page whether or not a mail went out.
    return render_to_response('sentry/account/recover/sent.html', {'email': email}, request)
Example #6
def recover(request):
    """Handle the password-recovery form and send the recovery mail.

    A valid submission looks up or creates the ``LostPasswordHash`` row for
    the submitted user, refreshes it when ``is_valid()`` rejects it, then
    mails the user and renders the "sent" page. Anything else re-renders the
    request form.

    NOTE(review): every valid submission sends a mail. No rate limit,
    captcha or "already requested" check is visible in this view.
    NOTE(review): no ``save()`` call is visible after the refresh; confirm
    that ``set_hash()`` or ``send_recover_mail()`` persists the new values.
    """
    form = RecoverPasswordForm(request.POST or None)

    if form.is_valid():
        target_user = form.cleaned_data["user"]
        password_hash, _created = LostPasswordHash.objects.get_or_create(user=target_user)
        if not password_hash.is_valid():
            # Rejected row: give it a new timestamp and hash before mailing.
            password_hash.date_added = timezone.now()
            password_hash.set_hash()

    if not form.is_valid():
        return render_to_response("sentry/account/recover/index.html", {"form": form}, request)

    password_hash.send_recover_mail()
    sent_context = {"email": password_hash.user.email}
    return render_to_response("sentry/account/recover/sent.html", sent_context, request)
Example #7
def recover(request):
    """Handle the password-recovery form, adding a captcha after a failed POST.

    The form is built with ``captcha`` enabled only when the session carries
    ``needs_captcha``. A valid submission delegates to
    ``send_password_recovery_mail`` and clears the flag. A failed POST on a
    session without the flag sets it and re-renders the form with the captcha
    field shown.

    NOTE(review): the captcha requirement lives in the session, so a client
    that discards its session cookie never has the flag set. Any throttle
    that is independent of the session would have to be in the form or the
    helper, neither of which is visible here.
    """
    captcha_required = bool(request.session.get('needs_captcha'))
    form = RecoverPasswordForm(request.POST or None, captcha=captcha_required)

    if form.is_valid():
        password_hash = send_password_recovery_mail(form.cleaned_data['user'])
        # Success clears the captcha requirement for this session.
        request.session.pop('needs_captcha', None)

        sent_context = {'email': password_hash.user.email}
        return render_to_response('sentry/account/recover/sent.html', sent_context, request)

    if request.POST and not request.session.get('needs_captcha'):
        # First failed POST: require a captcha from now on and rebuild the
        # form so the field is rendered, dropping the error for a field the
        # user was never shown.
        request.session['needs_captcha'] = 1
        form = RecoverPasswordForm(request.POST or None, captcha=True)
        form.errors.pop('captcha', None)

    return render_to_response('sentry/account/recover/index.html', {'form': form}, request)