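def auth_confirm(token):
    """Confirm a user account from an e-mailed confirmation token.

    Decodes ``token`` with ``confirm_token`` and, when the result is truthy,
    passes it to ``set_user_confirmed``.

    Returns:
        A ``(json_response, status)`` pair: the status returned by
        ``set_user_confirmed`` when it is 201, 422 for any other status, and
        498 when the token does not decode to a truthy value.
    """
    # Decode the token exactly once. The original decoded it twice (once for
    # the check, once for the value), so the value acted on was not the value
    # that had been checked, e.g. when the token expires between the calls.
    mail = confirm_token(token)
    if not mail:
        # NOTE(review): 498 is not a registered HTTP status code; kept because
        # existing clients may match on it.
        return jsonify({"msg": "Confirmation link invalid or has expired"}), 498

    code = set_user_confirmed(mail)
    if code == 201:
        return jsonify({"msg": "User successfully confirmed"}), code
    return jsonify({"msg": "Oops!"}), 422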
def post(self):
    """Log a user in with username, password and e-mail confirmation token.

    Reads ``username``, ``token`` and ``password`` from the submitted form.
    The token must decode (via ``confirm_token``) to the e-mail stored on the
    user record and the password must verify against the stored hash; only
    then is the user marked confirmed and an access/refresh token pair issued.

    Returns:
        A dict with a message and both tokens on success, otherwise a
        ``(dict, 401)`` pair describing the failure.
    """
    form = request.form
    username = form['username']
    user = User.find_by_username(username)

    # NOTE(review): this reply names the unknown user while the later failures
    # return different messages, so the responses reveal which usernames are
    # registered. Behaviour kept as in the original.
    if not user:
        missing = 'User {} doesn\'t exist'.format(username)
        print(missing)
        return {
            'message': missing
        }, 401

    # The token has to belong to this account: it must decode to the e-mail
    # address stored on the user record.
    token_email = confirm_token(form['token'])
    if user.email != token_email:
        print('Invalid token')
        return {'message': 'Invalid token'}, 401

    if not User.verify_hash(form['password'], user.password_hash):
        print('Wrong credentials')
        return {'message': 'Wrong credentials'}, 401

    # Confirmation is recorded only after both the token and the password
    # have been checked.
    user.confirmed = True
    user.save()
    access_token = create_access_token(identity=username)
    refresh_token = create_refresh_token(identity=username)
    return {
        'message': 'Logged in as {}'.format(user.username),
        'access_token': access_token,
        'refresh_token': refresh_token
    }
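def reset_password(token):
    """Handle the password-reset form reached from an e-mailed reset link.

    Signed-in users are redirected to the home page. On a valid form
    submission the token is decoded to an e-mail address, the user is looked
    up (404 when absent) and the password is replaced, provided the last
    recorded change is at least 30 minutes old.

    Returns:
        A redirect once a submission has been processed, otherwise the
        rendered reset form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home.home_page'))

    form = ResetPasswordChangeForm()
    if not form.validate_on_submit():
        return render_template('/auth/resetPassword.html', form=form)

    try:
        email = confirm_token(token)
    except Exception:
        # Stop here on a bad token. The original only flashed the message and
        # fell through to the lookup with ``email`` unbound, which raised
        # UnboundLocalError. ``BaseException`` was narrowed so that
        # KeyboardInterrupt/SystemExit are no longer swallowed.
        flash(
            'Link resetujący hasło wygasł, lub jest nieprawidłowy!', 'danger')
        return redirect(url_for('home.home_page'))

    user = User.objects(email=email).first_or_404()

    # NOTE(review): the throttle reads ``last_change`` but the update below
    # writes ``last_password_change``. If these are different fields the
    # 30-minute limit never sees a reset; confirm against the User model.
    if user.last_change + timedelta(minutes=30) <= datetime.now():
        user.update(password=bcrypt.generate_password_hash(form.password.data))
        user.update(last_password_change=datetime.now())
        flash(
            'Twoje hasło zostało pomyślnie zresetowane!, teraz możesz się zalogować.',
            'success')
        return redirect(url_for('auth.login'))

    flash(
        'Hasło można zresetować po upływie 30minut od ostatniej zmiany!',
        'warning')
    return redirect(url_for('home.home_page'))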
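def confirm_email(token):
    """Activate the account identified by an e-mailed confirmation token.

    Decodes ``token`` with ``confirm_token``, looks the user up by the
    resulting ``mail`` value (404 when absent), marks the user confirmed and
    commits the change.

    Returns:
        A redirect to ``/login`` after the account has been activated.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Narrowed from a bare ``except:`` so that KeyboardInterrupt and
        # SystemExit are not turned into a 404. ``abort`` is expected to
        # raise, so ``email`` is always bound past this point.
        abort(404)

    user = User.query.filter_by(mail=email).first_or_404()
    user.confirmed = True
    db.session.commit()
    flash("Your Account has been successfully activated", "Account Activated")
    return redirect("/login")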
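def confirm_account(token):
    """Confirm a user account from an e-mailed confirmation link.

    Decodes ``token`` with ``confirm_token``, looks the user up by e-mail
    (404 when absent) and sets ``confirmed`` unless it is already set.

    Returns:
        A redirect to the home page; the outcome is reported through a
        flashed message.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Stop here on a bad token. The original flashed the message and then
        # continued to the lookup with ``email`` unbound, which raised
        # UnboundLocalError. ``BaseException`` was narrowed so that
        # KeyboardInterrupt/SystemExit are no longer swallowed.
        flash('Link potwierdzający jest nieprawidłowy lub wygasł!.', 'danger')
        return redirect(url_for('home.home_page'))

    user = User.objects(email=email).first_or_404()
    if user.confirmed:
        flash('Twoje konto zostało już wcześniej potwierdzone!', 'info')
    else:
        user.update(confirmed=True)
        flash('Aktywacja konta przebiegła pomyślnie. Dziękujemy!', 'success')
    return redirect(url_for('home.home_page'))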
def confirm_email(token):
    """Activate the user that a confirmation token refers to.

    The value decoded from ``token`` is matched against ``User.username``;
    the lookup goes through ``get_object_or_404``.

    Returns:
        ``({}, HTTPStatus.OK)`` after activating the user,
        ``({}, HTTPStatus.BAD_REQUEST)`` when decoding the token raises, and
        an error dict with ``HTTPStatus.BAD_REQUEST`` when the user is
        already active.
    """
    try:
        address = confirm_token(token)
    except Exception:  # FIXME (kept from the original): broad catch, empty error body
        return {}, HTTPStatus.BAD_REQUEST

    account = get_object_or_404(User, (User.username == address))
    if not account.is_active:
        account.is_active = True
        account.save()
        return {}, HTTPStatus.OK

    # A second use of the same link is reported as an error, not repeated.
    return {'error': 'User is already active'}, HTTPStatus.BAD_REQUEST
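def post(self, confirmToken):
    """Activate an account from a confirmation token.

    Decoding the token must not raise; the user record is then fetched
    (404 when absent) and ``confirmed`` is set unless it already is.

    Returns:
        A JSON success message. A token that fails to decode, or an account
        that is already confirmed, ends in ``abort(403)``.
    """
    try:
        emailp = confirm_token(confirmToken)
    except Exception:
        # Narrowed from ``BaseException`` so that KeyboardInterrupt and
        # SystemExit are not reported as a bad token.
        return abort(
            403, description='Token aktywujący wygasł, lub jest niepoprawny!')

    # A disabled check in the original rejected a falsy decode result with a
    # 403; it remains disabled here.
    #
    # NOTE(review): ``emailp`` is never used, and the lookup filters on the
    # literal '******', which looks like a masked value in this listing. As
    # written, the account that gets confirmed is not tied to the token.
    # Confirm that the real code keys the lookup on the decoded identity.
    user = User.objects(username='******').first_or_404()
    if user.confirmed:
        return abort(403, description='To konto zostało już aktywowane.')

    user.update(confirmed=True)
    return jsonify(
        message='Konto zostało pomyślnie aktywowane! Dziękujemy')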
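def reset_pass(token):
    """Show and process the password-reset form for a reset token.

    The token is decoded to an e-mail address first (404 when decoding
    raises). On POST the ``pwd`` field is checked with ``isPassword`` and
    compared with the ``pass`` field; when both checks pass, the user found
    by ``mail`` (404 when absent) gets the new hashed password.

    Returns:
        A redirect to ``/login`` after a successful change, otherwise the
        rendered reset form with any error flashed.
    """
    try:
        email = confirm_token(token)
    except Exception:
        # Narrowed from a bare ``except:`` so that KeyboardInterrupt and
        # SystemExit are not turned into a 404. ``abort`` is expected to
        # raise, so ``email`` is always bound past this point.
        abort(404)

    if request.method == "POST":
        passw = request.form.get("pass")
        pwd = request.form.get("pwd")
        # Report exactly one error per submission. As far as the collapsed
        # layout of the original can be read, a mismatch also flashed the
        # password-policy message, although the password had passed it.
        if not isPassword(pwd):
            flash(
                "Password must contain at least one uppercase, one lowercase, one digit, one special and have a minimum length of 8",
                "Error")
        elif pwd != passw:
            flash("Passwords are not matching", "Error")
        else:
            user = User.query.filter_by(mail=email).first_or_404()
            # NOTE(review): ``hash_func`` is defined elsewhere; confirm it is
            # a salted password-hashing function and not a plain digest.
            user.password = hash_func(pwd)
            db.session.commit()
            flash("Password Change successful", "Success")
            return redirect("/login")

    return render_template("subTemplates/passReset.html", mail=email)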