def check_valid_signup_webapp(request):
contact_ok = request.json.get("contact_ok")
password = request.json.get("password")
email = request.json.get("email")
_check_email_is_present(email)
_check_valid_contact_ok(contact_ok)
_check_password_is_present(password)
check_password_strength("password", password)
def reset_password(body: ResetPasswordRequest) -> None:
check_password_strength("newPassword", body.new_password)
user = users_repo.get_user_with_valid_token(body.reset_password_token, [TokenType.RESET_PASSWORD])
if not user:
raise ApiErrors({"token": ["Le token de changement de mot de passe est invalide."]})
user.setPassword(body.new_password)
user.isEmailValidated = True
repository.save(user)
def check_valid_signup_pro(request):
contact_ok = request.json.get("contact_ok")
password = request.json.get("password")
email = request.json.get("email")
phone_number = request.json.get("phoneNumber")
_check_email_is_present(email)
_check_valid_contact_ok(contact_ok)
_check_phone_number_is_present(phone_number)
_check_password_is_present(password)
check_password_strength("password", password)
def change_password(user: User, body: ChangePasswordRequest) -> None:
try:
users_repo.check_user_and_credentials(user, body.current_password)
except users_exceptions.InvalidIdentifier:
raise ApiErrors({"code": "INVALID_PASSWORD", "currentPassword": ["Le mot de passe est incorrect"]})
except users_exceptions.CredentialsException:
raise ForbiddenError()
try:
check_password_strength("newPassword", body.new_password)
except ApiErrors:
raise ApiErrors({"code": "WEAK_PASSWORD", "newPassword": ["Le nouveau mot de passe est trop faible"]})
user.setPassword(body.new_password)
repository.save(user)
def post_new_password():
validate_new_password_request(request)
token = request.get_json()["token"]
new_password = request.get_json()["newPassword"]
user = find_user_by_reset_password_token(token)
if not user:
errors = ApiErrors()
errors.add_error(
"token", "Votre lien de changement de mot de passe est invalide.")
raise errors
check_reset_token_validity(user)
check_password_strength("newPassword", new_password)
user.setPassword(new_password)
if not user.isEmailValidated:
user.isEmailValidated = True
repository.save(user)
return "", 204
def post_new_password():
validate_new_password_request(request)
token = request.get_json()["token"]
new_password = request.get_json()["newPassword"]
check_password_strength("newPassword", new_password)
user = users_repo.get_user_with_valid_token(token,
[TokenType.RESET_PASSWORD])
if not user:
errors = ApiErrors()
errors.add_error(
"token", "Votre lien de changement de mot de passe est invalide.")
raise errors
user.setPassword(new_password)
if not user.isEmailValidated:
user.isEmailValidated = True
update_external_user(user)
repository.save(user)
return "", 204
def validate_password_strength(cls, password: str) -> str: # typing: ignore # pylint: disable=no-self-argument
check_password_strength("password", password)
return password