def view_pw_reset(context, request):
# Second step: User is visiting reset url
if 'key' in request.params:
key = request.params['key']
if 'form.submitted' in request.params:
try:
# FormEncode validation
schema = PWResetSchema()
form_result = schema.to_python(request.params)
except formencode.validators.Invalid, why:
form = render_template('templates/password_reset.pt', request=request, api=TemplateAPI(request))
# FormEncode fills template with error messages
form = htmlfill.render(form, defaults=request.params, errors=why.error_dict)
return Response(form)
else:
session = DBSession()
user = session.query(User).filter_by(email=form_result['email']).one()
if key == user.password_reset_key():
user.password = '******' % sha.new(form_result['password'].encode('utf-8')).hexdigest()
# Login directly
headers = []
plugins = request.environ.get('repoze.who.plugins', {})
identifier = plugins.get('auth_tkt')
if identifier:
identity = {'repoze.who.userid': form_result['email']}
headers = identifier.remember(request.environ, identity)
request.environ['repoze.who.userid'] = form_result['email']
return HTTPFound(location = model_url(context, request), headers=headers)
else:
statusmessage.show(request, u"Retrieve request not valid.", u"error")
return render_template_to_response('templates/password_reset.pt', request=request, api=TemplateAPI(request))
def view_pw_reset(context, request):
# Second step: User is visiting reset url
if 'key' in request.params:
key = request.params['key']
if 'form.submitted' in request.params:
try:
# FormEncode validation
schema = PWResetSchema()
form_result = schema.to_python(request.params)
except formencode.validators.Invalid, why:
form = render_template('templates/password_reset.pt',
request=request,
api=TemplateAPI(request))
# FormEncode fills template with error messages
form = htmlfill.render(form,
defaults=request.params,
errors=why.error_dict)
return Response(form)
else:
session = DBSession()
user = session.query(User).filter_by(
email=form_result['email']).one()
if key == user.password_reset_key():
user.password = '******' % sha.new(
form_result['password'].encode('utf-8')).hexdigest()
# Login directly
headers = []
plugins = request.environ.get('repoze.who.plugins', {})
identifier = plugins.get('auth_tkt')
if identifier:
identity = {'repoze.who.userid': form_result['email']}
headers = identifier.remember(request.environ,
identity)
request.environ['repoze.who.userid'] = form_result['email']
return HTTPFound(location=model_url(context, request),
headers=headers)
else:
statusmessage.show(request, u"Retrieve request not valid.",
u"error")
return render_template_to_response('templates/password_reset.pt',
request=request,
api=TemplateAPI(request))
if 'form.submitted' in request.params:
try:
# FormEncode validation
schema = PWResetRequestSchema()
form_result = schema.to_python(request.params)
except formencode.validators.Invalid, why:
form = render_template(
'templates/password_retrieve.pt',
request=request,
api=TemplateAPI(request),
)
# FormEncode fills template with error messages
form = htmlfill.render(form,
defaults=request.params,
errors=why.error_dict)
return Response(form)
else:
session = DBSession()
user = session.query(User).filter_by(
email=form_result['email']).one()
reset_url = model_url(get_root(request), request,
'retrieve_password.html')
user.send_password_reset(reset_url)
statusmessage.show(request, u'Password retrieval e-mail sent.')
return HTTPFound(location=model_url(context, request))
return render_template_to_response('templates/password_retrieve.pt',
request=request,
api=TemplateAPI(request))
identity = {'repoze.who.userid': form_result['email']}
headers = identifier.remember(request.environ, identity)
request.environ['repoze.who.userid'] = form_result['email']
return HTTPFound(location = model_url(context, request), headers=headers)
else:
statusmessage.show(request, u"Retrieve request not valid.", u"error")
return render_template_to_response('templates/password_reset.pt', request=request, api=TemplateAPI(request))
# First step: Create and send reset url
if 'form.submitted' in request.params:
try:
# FormEncode validation
schema = PWResetRequestSchema()
form_result = schema.to_python(request.params)
except formencode.validators.Invalid, why:
form = render_template('templates/password_retrieve.pt', request = request, api=TemplateAPI(request),)
# FormEncode fills template with error messages
form = htmlfill.render(form, defaults=request.params, errors=why.error_dict)
return Response(form)
else:
session = DBSession()
user = session.query(User).filter_by(email=form_result['email']).one()
reset_url = model_url(get_root(request), request, 'retrieve_password.html')
user.send_password_reset(reset_url)
statusmessage.show(request, u'Password retrieval e-mail sent.')
return HTTPFound(location = model_url(context, request))
return render_template_to_response('templates/password_retrieve.pt', request=request, api=TemplateAPI(request))
