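def reset_password(email_address_hash):
    """Render the password-reset page and, on a valid POST, store the new password.

    The account is looked up by ``email_address_hash`` and must carry an
    unexpired ``password_reset_expiration``; otherwise the form is hidden and
    a single generic error is shown.  After a successful reset the expiration
    is cleared, so the same request cannot be replayed.

    NOTE(review): the value in the URL is the only secret protecting the
    reset.  If ``email_address_hash`` is a plain digest of the address, it is
    not an unguessable token -- confirm it is keyed, or issue a random
    single-use token instead.
    """
    # Every local is handed to the template through **locals() below, so the
    # local names are part of the template contract: do not rename them or
    # introduce new ones casually.
    top_nav = get_top_nav()
    errors = []
    success = False
    show_form = True

    try:
        user = User.objects.filter(email_address_hash=email_address_hash)[0]
        if (not user.password_reset_expiration
                or datetime.now() > user.password_reset_expiration):
            # Explicit exception instead of a bare `raise`, which only worked
            # because re-raising with no active exception is itself an error.
            raise LookupError("password reset request missing or expired")
    except Exception:
        # Unknown hash, expired request and lookup failure all map to the
        # same message, so the page does not reveal which case occurred.
        # `except Exception` (not bare `except`) lets SystemExit and
        # KeyboardInterrupt propagate.
        errors.append("No password reset request found.")
        show_form = False

    if not errors and request.method == 'POST':
        password = request.form.get("password", None)
        confirm_password = request.form.get("confirm_password", None)

        if not password:
            errors.append("Please provide a password.")
        elif not utils.validate_password(password):
            errors.append("Password should be at least 8 characters and contain a letter and number.")
        elif password != confirm_password:
            errors.append("Confirm password should match the password.")

        if not errors:
            success = True
            show_form = False
            # NOTE(review): the raw password is assigned directly; presumably
            # the User model hashes it on assignment or save -- confirm.
            user.password = password
            # Keep the audit field in step with edit_profile, which stamps
            # last_password_change whenever the password changes.
            user.last_password_change = datetime.now()
            # Clearing the expiration makes the reset request single-use.
            user.password_reset_expiration = None
            user.save()

    # NOTE(review): **locals() also exposes `user`, `password` and
    # `confirm_password` to the template; an explicit context would be safer
    # once the names the template actually reads are known.
    return render_template('user/reset_password.html', **locals())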
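def edit_profile(self, email_address, **kwargs):
    """Update a user's notification settings and, optionally, the password.

    Reads the JSON request body.  When ``new_password`` is present the
    account is looked up by e-mail address and ``old_password`` together;
    otherwise by e-mail address alone.  The outcome is recorded in ``data``
    as ``{'status': 'success'}`` or ``{'status': 'failure', 'reason': ...}``.

    NOTE(review): nothing in this block ties the request to the account being
    edited -- without a password change, the e-mail address alone selects the
    user.  Presumably authentication is enforced by the caller or a
    decorator; confirm.

    NOTE(review): ``data`` is built but not returned in the code shown; the
    response step presumably lives outside this excerpt -- confirm.
    """
    # A JSON body can carry objects, lists or numbers where text is expected.
    # Only text may reach the ORM filter or be stored as a password.
    text_types = (str, type(u''))  # str plus, on Python 2, unicode

    try:
        if not email_address:
            raise Exception('Email address cannot be empty.')

        user = None
        new_password = request.json.get('new_password', None)
        if new_password:
            old_password = request.json.get('old_password', None)
            if not old_password:
                raise Exception('Old password cannot be empty if you want to change your password.')
            if not isinstance(new_password, text_types) or not utils.validate_password(new_password):
                raise Exception('Invalid new password.')
            if not isinstance(old_password, text_types):
                # Same message as a failed lookup: a non-text value can never
                # be the current password.
                raise Exception('Invalid user.')
            try:
                # NOTE(review): the password is matched inside the query,
                # which suggests it is stored in a directly comparable form;
                # verify how the User model stores and compares passwords.
                user = User.objects.filter(email_address=email_address.lower(), password=old_password)[0]
            except Exception:
                raise Exception('Invalid user.')
            user.password = new_password
            user.last_password_change = datetime.now()

        if not user:
            try:
                user = User.objects.filter(email_address=email_address.lower())[0]
            except Exception:
                raise Exception('Invalid user.')

        # bool() treats any non-empty string as True, so these flags are only
        # reliable when the client sends real JSON booleans.
        user.push_notifications = bool(request.json.get('push_notifications', user.push_notifications))
        user.email = bool(request.json.get('email', user.email))
        user.badge = bool(request.json.get('badge', user.badge))

        if request.json.get('ua_ids', None):
            ua_ids = request.json['ua_ids']
            # Accept a single id as well as a list of ids.
            if not isinstance(ua_ids, (list, tuple)):
                ua_ids = [ua_ids]
            user.ua_ids = ua_ids

        user.save()
        data = {
            'status': 'success'
        }
    except Exception as e:
        # NOTE(review): str(e) is reported verbatim, so an unexpected internal
        # error (not only the validation messages above) would also end up in
        # 'reason'.
        data = {
            'status': 'failure',
            'reason': str(e)
        }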
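def create(self, **kwargs):
    """Create a user account from the JSON request body.

    Requires ``email_address`` and ``password``; the password must pass
    ``utils.validate_password`` and the address must not already be
    registered.  The outcome is recorded in ``data`` as
    ``{'status': 'success'}`` or ``{'status': 'failure', 'reason': ...}``.

    NOTE(review): ``data`` is built but not returned in the code shown; the
    response step presumably lives outside this excerpt -- confirm.
    """
    # A JSON body can carry objects, lists or numbers where text is expected.
    # Only text may reach User.exists() / User.objects.create().
    text_types = (str, type(u''))  # str plus, on Python 2, unicode

    try:
        email_address = request.json.get('email_address', None)
        if not email_address:
            raise Exception('Email address cannot be empty.')
        if not isinstance(email_address, text_types):
            raise Exception('Invalid email address.')

        password = request.json.get('password', None)
        if not password:
            raise Exception('Password cannot be empty.')
        if not isinstance(password, text_types) or not utils.validate_password(password):
            raise Exception('Invalid password.')

        # NOTE(review): check-then-create is not atomic; presumably a unique
        # constraint on the address backs this up -- confirm.
        # NOTE(review): the address is stored as received, while edit_profile
        # looks users up by email_address.lower(); verify that the model
        # normalises case.
        if User.exists(email_address):
            raise Exception('An account for this email address already exists.')

        # NOTE(review): the raw password is passed to the model; presumably
        # it is hashed there -- confirm.
        User.objects.create(email_address=email_address, password=password)

        # TODO Kicks off the account validation flow, sending an email to the user.
        # This must be completed before any alerts will be sent to the mobile device or the email address.
        data = {
            'status': 'success'
        }
    except Exception as e:
        # NOTE(review): str(e) is reported verbatim, so an unexpected internal
        # error (for example a request without a JSON body) would also end up
        # in 'reason'.
        data = {
            'status': 'failure',
            'reason': str(e)
        }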