def password_reset(self, request, **data): """Sends an e-mail for a password reset request.""" if self.reset is None: self.logger.debug('reset attempted, but no resetcode library ' 'installed') raise HTTPServiceUnavailable() request.response.headers.add('X-Frame-Options', 'DENY') user_id = self.auth.get_user_id(request.user) if user_id is None: # user not found raise HTTPJsonBadRequest(ERROR_INVALID_USER) self.auth.get_user_info(request.user, ['mail']) if request.user.get('mail') is None: raise HTTPJsonBadRequest(ERROR_NO_EMAIL_ADDRESS) self._check_captcha(request, data) try: # the request looks fine, let's generate the reset code code = self.reset.generate_reset_code(request.user) urlgen = URLGenerator(self.app.mapper, request.environ) data = {'user_name': request.user['username'], 'code': code, 'host': request.host_url, 'url': urlgen(controller="user", action="password_reset_form")} body = render_mako('password_reset_mail.mako', **data) sender = request.config['smtp.sender'] host = request.config['smtp.host'] port = int(request.config['smtp.port']) user = request.config.get('smtp.user') password = request.config.get('smtp.password') subject = 'Resetting your Services password' res, msg = send_email(sender, request.user['mail'], subject, body, host, port, user, password) if not res: raise HTTPServiceUnavailable(msg) except AlreadySentError: #backend handled the reset code email. Keep going pass return text_response('success')
def password_reset(self, request, **data): """Sends an e-mail for a password reset request.""" if self.reset is None: logger.debug('reset attempted, but no resetcode library installed') raise HTTPServiceUnavailable() user_id = self.auth.get_user_id(request.user) if user_id is None: # user not found raise HTTPJsonBadRequest(ERROR_INVALID_USER) self.auth.get_user_info(request.user, ['mail']) if request.user.get('mail') is None: raise HTTPJsonBadRequest(ERROR_NO_EMAIL_ADDRESS) self._check_captcha(request, data) try: # the request looks fine, let's generate the reset code code = self.reset.generate_reset_code(request.user) data = { 'host': request.host_url, 'user_name': request.user['username'], 'code': code } body = render_mako('password_reset_mail.mako', **data) sender = request.config['smtp.sender'] host = request.config['smtp.host'] port = int(request.config['smtp.port']) user = request.config.get('smtp.user') password = request.config.get('smtp.password') subject = 'Resetting your Services password' res, msg = send_email(sender, request.user['mail'], subject, body, host, port, user, password) if not res: raise HTTPServiceUnavailable(msg) except AlreadySentError: #backend handled the reset code email. Keep going pass return text_response('success')
def test_send_email(self): # let's patch smtplib and collect mails that are being produced # and load them into message objects class FakeMailer(object): mails = [] def __init__(self, *args, **kw): pass def sendmail(self, sender, rcpts, msg): self.mails.append((sender, rcpts, msg)) def quit(self): pass subject = u"Hello there" body = u"ah yeah" old = smtplib.SMTP smtplib.SMTP = FakeMailer try: # e-mail with real names send_email(u'Tarek Ziadé <*****@*****.**>', u'John Doe <*****@*****.**>', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual( mail['From'], '=?utf-8?q?Tarek_Ziad=C3=A9?= ' + '<*****@*****.**>') self.assertEqual(mail['To'], 'John Doe <*****@*****.**>') # simple e-mail send_email(u'<*****@*****.**>', u'<*****@*****.**>', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '<*****@*****.**>') self.assertEqual(mail['To'], '<*****@*****.**>') # basic e-mail send_email(u'*****@*****.**', u'*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '*****@*****.**') self.assertEqual(mail['To'], '*****@*****.**') # XXX That should not happen # now what happens if we get strings send_email('*****@*****.**', '*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '*****@*****.**') self.assertEqual(mail['To'], '*****@*****.**') send_email('Tarek Ziadé <*****@*****.**>', '*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual( mail['From'], '=?utf-8?q?Tarek_Ziad=C3=A9?= ' + '<*****@*****.**>') self.assertEqual(mail['To'], '*****@*****.**') finally: smtplib.SMTP = old
def test_send_email(self): # let's patch smtplib and collect mails that are being produced # and load them into message objects class FakeMailer(object): mails = [] def __init__(self, *args, **kw): pass def sendmail(self, sender, rcpts, msg): self.mails.append((sender, rcpts, msg)) def quit(self): pass subject = u"Hello there" body = u"ah yeah" old = smtplib.SMTP smtplib.SMTP = FakeMailer try: # e-mail with real names send_email(u'Tarek Ziadé <*****@*****.**>', u'John Doe <*****@*****.**>', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '=?utf-8?q?Tarek_Ziad=C3=A9?= <*****@*****.**>') self.assertEqual(mail['To'], 'John Doe <*****@*****.**>') # simple e-mail send_email(u'<*****@*****.**>', u'<*****@*****.**>', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '<*****@*****.**>') self.assertEqual(mail['To'], '<*****@*****.**>') # basic e-mail send_email(u'*****@*****.**', u'*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '*****@*****.**') self.assertEqual(mail['To'], '*****@*****.**') # XXX That should not happen # now what happens if we get strings send_email('*****@*****.**', '*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '*****@*****.**') self.assertEqual(mail['To'], '*****@*****.**') send_email('Tarek Ziadé <*****@*****.**>', '*****@*****.**', subject, body) # let's load it mail = message_from_string(FakeMailer.mails[-1][-1]) self.assertEqual(mail['From'], '=?utf-8?q?Tarek_Ziad=C3=A9?= <*****@*****.**>') self.assertEqual(mail['To'], '*****@*****.**') finally: smtplib.SMTP = old
def forgot_step_2(request, **args): """Tries to send the email with a reset code, then lets the user know we've done that """ data = {} auth = request.registry["auth"] username = extract_username(request.params['username']) request.user['username'] = username user_id = auth.get_user_id(request.user) if not user_id: request.errors.append(_('Unable to locate your account. ' 'Please check your username.')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) if not request.registry.settings['app.captcha'].check(request): log_cef('Captcha failed on forgot password', 3, request.environ, request.registry.settings.get('config').get_map(), username, signature=CAPTCHA_FAILURE) request.errors.append(_('The captcha did not match. ' 'Please try again')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) try: reset = request.registry.settings.get('app.console.reset') reset_code = reset.generate_reset_code(request.user, True) if not reset_code: request.errors.append(_('Getting a reset code failed ' 'unexpectedly. Please try again later.')) logger.error("Could not generate a reset code") return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) auth.get_user_info(request.user, ['mail']) if not valid_email(request.user['mail']): raise NoEmailError() maildata = {'forgot_url': '%s/forgot' % request.host_url, 'username': username, 'code': reset_code} template_path = get_template_lookup('console') template = \ template_path.get_template('password_reset_mail.mako') body = template.render(**maildata) subject = _('Resetting your Mozilla Services password') smtp = request.registry.settings.get('config').get_map('smtp') #sender has a required position, so we can't pass it in in the #dict sender = smtp['sender'] del smtp['sender'] send_email(sender, request.user['mail'], subject, body, **smtp) except AlreadySentError: #backend handled the reset code email. Keep going pass except NoEmailError: request.errors.append(_('We do not have an email on file for this ' 'account and cannot send you a reset code.')) return render_to_response('console/password_reset1.mako', forgot_step_1(request), request) return data