def reset(): form=ResetForm(request.form) if request.method == 'GET': id=int(request.args.get('id')) key=int(request.args.get('key')) if CheckRequest(id,key)==0: flash('The Request is invalid or expired.Please try again.') return redirect(url_for('login')) resp = make_response(render_template('reset.html',form=form)) resp.set_cookie('email',get_email(id)) return resp if request.method == 'POST' and form.validate(): S=BotCheck(request.form.get('g-recaptcha-response')) user=User.query.get(request.cookies.get('email')) if user is None: flash("Entered Email ID is not registered with us.") return render_template('register.html', form=form) if S==False: flash('Invalid Bot Captcha,Please reuse the link.') return redirect(url_for('login')) user.password= form.confirm.data db.session.add(user) db.session.commit() flash('Password changed ,now you can login with you new password') return redirect(url_for('login'))
def reset(): if current_user.is_authenticated: return redirect(url_for('/')) form = ResetForm() if form.validate_on_submit(): if not models.User.query.filter_by( email=form.email.data.lower()).first(): flash("User with email you entered not found!") return redirect(url_for('reset')) else: new_password = getrandompassword() curr = db.session.query( models.User).filter_by(email=form.email.data.lower()).first() curr.password = generate_password_hash(new_password, method='sha256') db.session.commit() msg = Message('Password reset', sender='*****@*****.**', recipients=[form.email.data]) msg.html = 'Your new password is <b>{}</b>, you can change it in account settings'.format( new_password) mail.send(msg) flash("Check your email for further instructions") return redirect(url_for('reset')) return render_template('reset.html', form=form)
def reset(request): if request.method == 'POST': # if form submitted... form = ResetForm(request.POST) if form.is_valid(): username = form.cleaned_data.get("username") user = User.objects.get(username__exact=username) newpass = User.objects.make_random_password(length=8) user.set_password(newpass) user.save() if request.is_secure(): prefix = 'https://' else: prefix = 'http://' # TODO - better way to manage email message content send_mail( 'OppiaMobile: Password reset', 'Here is your new password for OppiaMobile: ' + newpass + '\n\nWhen you next log in you can update your password to something more memorable.' + '\n\n' + prefix + request.META['SERVER_NAME'], settings.SERVER_EMAIL, [user.email], fail_silently=False) return HttpResponseRedirect('sent') else: form = ResetForm() # An unbound form return render(request, 'oppia/profile/reset.html', { 'form': form, })
def login(): if current_user.is_authenticated: return redirect('/') form = LoginForm() form1 = ResetForm() if form.validate_on_submit(): user = db.session.query(models.User).filter_by(email=(form.email.data).lower()).first() if user: if check_password_hash(user.password, form.password.data): login_user(user, remember=form.remember.data) return redirect('/') flash("Invalid email or/and password!") return redirect(url_for('login')) if form1.validate_on_submit(): if not db.session.query(models.User).filter_by(email=form1.email.data.lower()).first(): flash("User with email you entered not found!") return redirect(url_for('login')) else: new_password = getrandompassword() curr = db.session.query(models.User).filter_by(email=form1.email.data.lower()).first() curr.password = generate_password_hash(new_password, method='sha256') db.session.commit() msg = Message('Password reset', sender='*****@*****.**', recipients=[form1.email.data]) msg.html = 'Your new password is <b>{}</b>, you can change it in account settings'.format(new_password) Thread(target=send_async_email, args=(app, msg)).start() flash('Check your email for further instructions') return redirect(url_for('login')) return render_template("login.html", form=form, form1=form1)
def forgot(): form = ResetForm() if (form.validate_on_submit()): user = User.query.filter_by(email=str(form.email.data)).first() forgotpassword(user) flash('Email sent', 'info ') return redirect(url_for('login')) return render_template('forgot.html', title='forgot', form=form)
def resetpasswd(): form = ResetForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user and user.username==form.username.data: hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8') user.password = hashed_password db.session.commit() return redirect('signin') else: flash('Authentication failed: username does not match email','danger') return render_template('forget.html', title="ResetPasswd", form=form)
def reset_password(request, key): if request.method == 'GET': form = ResetForm() elif request.method == 'POST': form = ResetForm(request.POST) if form.is_valid(): form.save(key) resp = render_to_string('forms/reset_password_form.html', {'form' : form}, context(request)) return HttpResponse(resp) else: resp = render_to_string('forms/reset_password_form.html', {'form' : form}, context(request)) return HttpResponseForbidden(resp) return render_to_response('reset.html', {'form' : form}, context(request))
def resetpass(): if(not session.get('phone')): return redirect(url_for('login')) form= ResetForm() if request.method == 'POST': ootp = form.data['otp'] if ootp == session['otp']: if(session.get('log-in')=='reg'): conn.commit() session.pop('log-in', None) session.pop('phone', None) return redirect(url_for('login')) return redirect(url_for('newpass')) else: flash('INVALID OTP', 'danger') return redirect(url_for('resetpass')) otp1 = str(random.randrange(100000, 999999)) print(otp1) URL = 'https://www.way2sms.com/api/v1/sendCampaign' session['otp']=otp1 phone=session['phone'] #resp=sms.sendPostRequest(URL, 'C23FTIDPYUYZVP7UV238S0QC1POBFWMR', 'N1AY9Q2S52NHUADE', 'stage', phone, '9781396442', f"Your OTP (One Time Password) to change your password is: {otp1} Do not share this with anyone! Team college+") #print(resp.text) return render_template('verifyotp.html',form=form)
def passwordreset_request(): form = ResetForm() if request.method == "GET": return render_template('passwordreset.html', form=form) elif request.method == "POST": email = form.email.data.lower().strip() user = User.query.filter_by(email=email).first() if user is None: return redirect(url_for('passwordreset', id='noemail')) first_name = user.first_name email_verify_code = str(uuid.uuid1()).replace("-", "") + str( uuid.uuid1()).replace("-", "") confirmurl = "http://localhost:5000/reset/" + \ email_verify_code session['emailreset'] = email email_user_password_reset(email, confirmurl, first_name) #return email + confirmurl + first_name # "success meet requirements" return redirect(url_for('login', id='emailsent')) return redirect(url_for('passwordreset', id='failed'))
def reset_user_password(): form = ResetForm() if form.validate_on_submit(): form = ResetForm() user_exist = User.query.filter_by( user_first_name=form.user_first_name.data).first() if user_exist and user_exist.user_second_name == form.user_second_name.data and user_exist.user_email == form.user_email.data: user_exist.user_password = form.new_password.data db.session.commit() flash(message="password successful changed for {}".format( form.user_first_name.data)) return redirect(url_for('login')) else: flash(message="your first name,second name or email doesn't exist") return redirect(url_for('reset_user_password')) return render_template('reset_password.html', form=form)
def reset_password(request): if request.method=="POST": form=ResetForm(request.POST) if form.is_valid(): username=form.cleaned_data['username'] user=User.objects.get(username=username) print user user.set_password(str(form.cleaned_data['password'])) user.save() return HttpResponseRedirect('/foodline/login/') else: reg_form=form return render_to_response('re_password.html',locals()) else: form=ResetForm() state="Please enter your new password" return render_to_response('re_password.html',locals())
def render_reset_page(): form = ResetForm() if form.validate_on_submit(): authCode = form.authCode.data password = form.password.data matricID = form.matricID.data query = "SELECT * FROM student WHERE matric_no = '{}'".format(matricID) exists_students = db.session.execute(query).fetchone() if not exists_students: form.matricID.errors.append( "{} is not a valid matricID.".format(matricID)) else: if not authCode: query = "UPDATE student SET authCode = f_random_str(10) WHERE matric_no = '{}'".format( matricID) print(query) db.session.execute(query) db.session.commit() query = "SELECT authcode FROM student WHERE matric_no = '{}'".format( matricID) auth_code = db.session.execute(query).fetchone()[0] query = "SELECT nusnetid FROM studentinfo WHERE matric_no = '{}'".format( matricID) email = db.session.execute(query).fetchone()[0] + "@u.nus.edu" print(auth_code, email) send_mail(email, auth_code, matricID) form.authCode.errors.append( "authCode has been sent to your email, please check.") else: query = "SELECT authcode FROM student WHERE matric_no = '{}'".format( matricID) print(query) correct_authCode = db.session.execute(query).fetchone()[0] if authCode == correct_authCode: query = "UPDATE users SET password = '******' WHERE uname = (SELECT uname FROM student WHERE matric_no = '{}')".format( password, matricID) db.session.execute(query) query = "UPDATE student SET authCode = f_random_str(10) WHERE matric_no = '{}'".format( matricID) db.session.execute(query) db.session.commit() return "<meta http-equiv=\"refresh\" content=\"3;url = /login\" />password-changing successful, you will be redirected to login page in three seconds!" else: form.authCode.errors.append("authcode is invalid") return render_template("reset.html", form=form)
def reset(request): if request.method == 'POST': # if form submitted... form = ResetForm(request.POST) if form.is_valid(): username = form.cleaned_data.get("username") user = User.objects.get(username__exact=username) newpass = User.objects.make_random_password(length=8) user.set_password(newpass) user.save() # TODO - better way to manage email message content send_mail('mQuiz: Password reset', 'Here is your new password for mQuiz: '+newpass + '\n\nWhen you next log in you can update your password to something more memorable.' + '\n\nhttp://mquiz.org', settings.SERVER_EMAIL, [user.email], fail_silently=False) return HttpResponseRedirect('sent') else: form = ResetForm() # An unbound form return render(request, 'mquiz/profile/reset.html', {'form': form,})
def login(request): otherVars = {} # print resolve(request.path_info).url_name otherVars['pageType'] = 'login' if request.user.is_authenticated(): return HttpResponseRedirect(reverse('patientView')) # If the form has been submitted... if request.method == 'POST': if '_login' in request.POST: # A form bound to the POST data formLogin = LoginForm(None, request.POST) formReset = ResetForm() # input validation for login form if formLogin.is_valid(): auth.login(request, formLogin.get_user()) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if formLogin.cleaned_data['rememberuser'] == True: request.session.set_expiry(datetime.utcnow().replace(tzinfo=utc) + timedelta(days=10)) else: request.session.set_expiry(0) return HttpResponseRedirect(reverse('patientView')) otherVars['loginActive'] = 'Y' if '_reset' in request.POST: formReset = ResetForm(request.POST) formLogin = LoginForm() else: # An unbound form formLogin = LoginForm(request) formReset = ResetForm() otherVars['loginActive'] = 'Y' request.session.set_test_cookie() return render(request, 'main/login.html', { 'formLogin': formLogin, 'formReset': formReset, 'otherVars': otherVars, })
def reset(reset_key): user = get_user_by_reset_key(reset_key) if user is None: flash(_(u'Invalid password reset link'), 'error') return redirect(url_for('troikas')) resetform = ResetForm() reseterrors = [] if resetform.validate_on_submit(): user.password = hash_password(resetform.password.data) user.password_reset_key = None user.password_reset_expire = None session['email'] = user.email save_user(user) flash(_(u'Password reset successful, you were logged in')) return redirect(url_for('troikas')) if resetform.errors: for key, value in resetform.errors.items(): reseterrors.append(key + ': ' + value[0]) return render_template('reset.html', resetform=resetform, reseterrors=reseterrors)
def reset(): form = ResetForm() if form.validate_on_submit(): if request.method == 'POST': global a results = request.form values = list(results.values()) if values[1] == values[2]: cursor = connection1.cursor() update = ("UPDATE signin SET password =? where empid ='" + a + "'") hashed_password = bcrypt.generate_password_hash( values[1]).decode('utf-8') values = [hashed_password] cursor.execute(update, values) connection1.commit() return redirect(url_for('login')) else: flash('Please enter same password in both fields', 'danger') return render_template('reset.html', form=form)
def reset_password(): form = ResetForm() connection = get_connection() cursor = get_cursor() if session['reset_ok'] and session[ 'reset_user_id'] is not None and form.validate_on_submit(): with connection: with cursor: try: cursor.execute( "UPDATE user_account SET password = %s WHERE id = %s", (generate_password_hash( form.password.data), session['reset_user_id'])) flash("Reset successful!", 'success') return redirect(url_for("auth.login")) except Exception as e: error = "Something went wrong. Please try again later" current_app.logger.error(e) flash(error, 'error') return render_template("auth/password_reset.html", form=form)
def reset(): form = ResetForm() print(form.errors) if form.is_submitted(): print("submitted") print(form.errors) print('Estoy acá1') # print(form.validate_on_submit()) if form.validate_on_submit(): print('Estoy acá2') return redirect( url_for( 'routes.output', msg="<h4>Por el momento el sistema de recuperación de \ contraseña no esta implementado y no creo que \ lo este en por un tiempo largo</h4>" ) ) return render_template('auth/reset.html', form=form)
def reset(): form = ResetForm() if form.validate_on_submit(): flash('Password is restored', 'success') return redirect(url_for('login')) return render_template('reset.html', title='Reset password', form=form)