Example #1
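def post_password_reset():
    """Handle a submitted password-reset form and email the reset link.

    Flow: validate the submitted address, request a reset token from the
    authentication API, validate that token, then ask the notifications
    API to send the templated email containing the change-password link.

    Returns:
        The rendered 'email_sent' page on success, or the reset form
        re-rendered with validation results when any step fails.
    """
    try:
        email = request.form['email']

        # Validate first so a malformed or empty address is rejected locally
        # and is never forwarded to the authentication API.
        form = FormValidator('An error has occurred')
        form.add_validator('email',
                           email, [email_validator, is_not_empty],
                           empty_msg='Enter your email address')
        if not form.is_valid():
            raise ValueError

        json_resp, status = api_post('/api/authentication/token',
                                     json={"email": email})

        # NOTE(review): a non-200 here renders the error page while success
        # renders 'email_sent'. If the API answers non-200 for unknown
        # addresses, the two responses reveal whether an account exists.
        # Confirm the API behaviour and consider a uniform response.
        if status != 200:
            raise ValueError

        token = json_resp['token']
        decoded_jwt, status = api_get('/api/authentication/token/' + token +
                                      '?validation-type=reset-password')

        if status != 200:
            current_app.logger.error('Token has failed validation:%s',
                                     decoded_jwt['error'])
            raise ValueError

        principal = decoded_jwt['principle']
        url = current_app.config.get(
            "SITE_URL") + "/password/change?t=" + token
        # The link embeds the reset token, which is a bearer credential for
        # changing the password. Log the event only, never the URL itself.
        current_app.logger.info('Password reset link generated')

        template_id = current_app.config.get("RESET_PASSWORD_TEMPLATE")
        _, email_status = api_post('/api/notifications',
                                   json={
                                       "email_address": email,
                                       "template_id": template_id,
                                       "personalisation": {
                                           "first_name":
                                           principal['first_name'],
                                           "last_name":
                                           principal['surname'],
                                           "change_password_link":
                                           url
                                       },
                                       "reference": "password-reset"
                                   },
                                   headers={'Accept': 'application/json'})
        if email_status != 201:
            raise ValueError

        return render_template('app/password/email_sent.html', email=email)

    except ValueError:
        # Rebuild the validator so the template receives per-field results.
        # The validator order here differs from the happy path and is kept
        # as the original had it.
        form = FormValidator('An error has occurred')
        form.add_validator('email',
                           email, [is_not_empty, email_validator],
                           empty_msg='Enter your email address')
        return render_template(
            'app/password/reset.html',
            error_title="There was a problem",
            fields=form.validate(),
        )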
Example #2
def _validate_and_save_password(user_id, password, confirm_password):
    """Validate a new password and store it through the account API.

    Args:
        user_id: Identifier appended to the '/api/account/users/' path.
        password: The new password entered by the user.
        confirm_password: The repeated password, compared with ``password``.

    Returns:
        ``(True, {})`` when the password passed validation and the API
        answered 204; otherwise ``(False, result)`` where ``result`` holds
        the per-field validation results to render.
    """
    try:
        form = FormValidator('Enter a valid password')
        strength_checks = [
            password_length, password_letters,
            password_number, password_symbol
        ]
        form.add_validator('passwords', password, fvs=strength_checks)
        form.add_validator('confirm_password', [password, confirm_password],
                           fvs=confirm_passwords_match)

        if not form.is_valid():
            current_app.logger.error('New password has failed validation')
            raise ValueError

        # NOTE(review): under JSON merge-patch a null value normally removes
        # the member, so this presumably clears the account's 'disabled' flag
        # on every password change. Confirm that re-enabling is intended for
        # accounts disabled for reasons other than a forgotten password.
        patch_body = {
            'password': password,
            'disabled': None
        }
        endpoint = '/api/account/users/' + user_id
        _, status = api_patch(
            endpoint,
            json=patch_body,
            headers={'Content-Type': 'application/merge-patch+json'})

        if status != 204:
            current_app.logger.error('Account-api has failed the validation')
            raise ValueError

        return True, {}

    except ValueError as exc:
        current_app.logger.error(exc)
        outcome = form.validate()
        has_field_error = (outcome['passwords'].error
                           or outcome['confirm_password'].error)
        if not has_field_error:
            # Local validation passed, so the failure came from elsewhere
            # (e.g. the API call); report one generic password error.
            outcome = {
                'passwords': ValidationResult(0, None,
                                              ['Enter a valid password'])
            }
        return False, outcome