Esempio n. 1
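    def reset_user_password(self):
        """Set a new password for the user named by the ``model_id`` query argument.

        The new password is read from the submitted form. It is rejected when
        it is shorter than six characters or contains a space. Otherwise
        ``change_user_password`` is called and the session is committed. Every
        outcome is reported with a flash message, followed by a redirect to
        the URL found in the request's ``Referer`` header.

        NOTE(review): no permission check is visible in this method -- confirm
        that the enclosing view restricts it to administrators.
        """
        user = User.query.get(request.args['model_id'])
        new_pwd = request.form['new_password']
        # NOTE(review): the redirect target comes from the client-supplied
        # Referer header and reaches redirect() unvalidated; consider checking
        # it against the application's own host before using it. A request
        # without a Referer header fails on this lookup.
        return_url = request.headers['Referer']

        if user is None:
            flash(gettext('User not found. Please try again.'), 'error')
            return redirect(return_url)

        # NOTE(review): length and "no spaces" are the only rules enforced
        # here; a six-character minimum is weak for an administrative reset.
        if len(new_pwd) < 6:
            flash(
                gettext(
                    'A password must contain at least 6 characters. Please try again.'
                ), 'error')
            return redirect(return_url)

        if ' ' in new_pwd:
            flash(
                gettext('Passwords cannot contain spaces. Please try again.'),
                'error')
            return redirect(return_url)

        change_user_password(user, new_pwd)
        db.session.commit()

        # Interpolate the address only after the catalog lookup: formatting
        # the string first would hand gettext() a message id that contains the
        # e-mail address, which can never match a translation entry.
        flash(
            gettext(
                'The password has been changed successfully. A notification has been sent to %s.'
            ) % user.email)
        return redirect(return_url)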
Esempio n. 2
    def change_password():
        """Handle a request to change the logged-in user's password.

        The form is built from the JSON body when one is present, otherwise
        from the regular form submission. A failure inside
        ``change_user_password`` is logged and flashed, and the function then
        renders the template without treating the request as successful. A
        successful non-JSON request schedules ``_commit`` and redirects; a
        successful JSON request is answered with ``_render_json``.
        """
        form_factory = _security.change_password_form
        form = (form_factory(MultiDict(request.json)) if request.json
                else form_factory())
        has_error = False

        def report_failure(exc, message):
            # Record the traceback, then surface the failure in the UI.
            # NOTE(review): the exception text is interpolated into the
            # message shown to the user; mail-server details may be better
            # kept in the log only.
            logging.exception(str(exc), exc_info=True)
            flash(message.format(exc), 'danger')

        if form.validate_on_submit():
            try:
                change_user_password(current_user, form.new_password.data)
            except SOCKETErrorException as e:
                # Socket errors that the SMTP exception classes do not cover.
                report_failure(e, gettext(u'SMTP Socket error: {}\n'
                                          u'Your password has not been changed.'
                                          ))
                has_error = True
            except (SMTPConnectError, SMTPResponseException,
                    SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
                    SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
                    SMTPRecipientsRefused) as e:
                # Failures raised by the SMTP layer.
                report_failure(e, gettext(u'SMTP error: {}\n'
                                          u'Your password has not been changed.'
                                          ))
                has_error = True
            except Exception as e:
                # Anything else raised while changing the password.
                report_failure(e, gettext(u'Error: {}\n'
                                          u'Your password has not been changed.'
                                          ))
                has_error = True

            if request.json is None and not has_error:
                # Non-JSON success: commit after the response, then redirect.
                after_this_request(_commit)
                do_flash(*get_message('PASSWORD_CHANGE'))
                target = (get_url(_security.post_change_view) or
                          get_url(_security.post_login_view))
                return redirect(target)

        if request.json and not has_error:
            form.user = current_user
            return _render_json(form)

        return _security.render_template(
            config_value('CHANGE_PASSWORD_TEMPLATE'),
            change_password_form=form,
            **_ctx('change_password'))
Esempio n. 3
    def change_password():
        """View function for a change-password request.

        Validates the change-password form (built from the JSON body if there
        is one) and calls ``change_user_password`` for the current user. Any
        exception raised by that call is logged and flashed with the 'danger'
        category. Success redirects for form posts and returns
        ``_render_json`` for JSON posts. Every other case renders the
        change-password template.
        """
        failed = False
        form_class = _security.change_password_form

        form_args = (MultiDict(request.json),) if request.json else ()
        form = form_class(*form_args)

        if form.validate_on_submit():
            # NOTE(review): each handler below formats the exception into the
            # text shown to the user; confirm that exposing it is intended.
            try:
                change_user_password(current_user, form.new_password.data)
            except SOCKETErrorException as exc:
                # Socket-level failure outside the SMTP exception classes.
                logging.exception(str(exc), exc_info=True)
                template = gettext(u'SMTP Socket error: {}\n'
                                   u'Your password has not been changed.'
                                   )
                flash(template.format(exc), 'danger')
                failed = True
            except (SMTPConnectError, SMTPResponseException,
                    SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
                    SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
                    SMTPRecipientsRefused) as exc:
                # SMTP-specific failure.
                logging.exception(str(exc), exc_info=True)
                template = gettext(u'SMTP error: {}\n'
                                   u'Your password has not been changed.'
                                   )
                flash(template.format(exc), 'danger')
                failed = True
            except Exception as exc:
                # Any other failure.
                logging.exception(str(exc), exc_info=True)
                template = gettext(
                    u'Error: {}\n'
                    u'Your password has not been changed.'
                )
                flash(template.format(exc), 'danger')
                failed = True

            if request.json is None and not failed:
                after_this_request(_commit)
                do_flash(*get_message('PASSWORD_CHANGE'))
                return redirect(get_url(_security.post_change_view) or
                                get_url(_security.post_login_view))

        if not request.json or failed:
            # Form request that did not succeed, or any request that failed.
            return _security.render_template(
                config_value('CHANGE_PASSWORD_TEMPLATE'),
                change_password_form=form,
                **_ctx('change_password'))

        form.user = current_user
        return _render_json(form)
Esempio n. 4
    def change_password():
        """View function which handles a change password request.

        Builds the change-password form from the JSON body when one is
        present, otherwise from the regular form submission. On a valid
        submission the current user's password is changed. For a successful
        non-JSON request the crypt key is then replaced and
        ``reencrpyt_server_passwords`` is called with the old key and the new
        password, before redirecting. A successful JSON request is answered
        with ``default_render_json``. All other cases render the
        change-password template.
        """

        has_error = False
        form_class = _security.change_password_form

        if request.json:
            form = form_class(MultiDict(request.json))
        else:
            form = form_class()

        if form.validate_on_submit():
            # NOTE(review): every handler below formats the exception into the
            # message flashed to the user; confirm that exposing it is intended.
            try:
                # Pass the real user object rather than the current_user proxy.
                change_user_password(current_user._get_current_object(),
                                     form.new_password.data)
            except SOCKETErrorException as e:
                # Handle socket errors which are not covered by SMTPExceptions.
                logging.exception(str(e), exc_info=True)
                flash(gettext(SMTP_SOCKET_ERROR).format(e), 'danger')
                has_error = True
            except (SMTPConnectError, SMTPResponseException,
                    SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
                    SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
                    SMTPRecipientsRefused) as e:
                # Handle smtp specific exceptions.
                logging.exception(str(e), exc_info=True)
                flash(gettext(SMTP_ERROR).format(e), 'danger')
                has_error = True
            except Exception as e:
                # Handle other exceptions.
                logging.exception(str(e), exc_info=True)
                flash(gettext(PASS_ERROR).format(e), 'danger')
                has_error = True

            if request.json is None and not has_error:
                # Commit after the response is produced, then tell the user.
                after_this_request(view_commit)
                do_flash(*get_message('PASSWORD_CHANGE'))

                # Keep the current key before replacing it; the order of the
                # next two calls matters. Presumably element [1] is the key
                # tied to the previous password -- TODO confirm.
                old_key = get_crypt_key()[1]
                # The new plaintext password is handed to set_crypt_key; the
                # meaning of the False argument is not visible here.
                set_crypt_key(form.new_password.data, False)

                # Imported here rather than at module level.
                from pgadmin.browser.server_groups.servers.utils \
                    import reencrpyt_server_passwords
                # NOTE(review): this re-keying runs only on the non-JSON
                # success path; the JSON path below does not reach it.
                # No error handling surrounds this call.
                reencrpyt_server_passwords(current_user.id, old_key,
                                           form.new_password.data)

                return redirect(
                    get_url(_security.post_change_view)
                    or get_url(_security.post_login_view))

        if request.json and not has_error:
            form.user = current_user
            return default_render_json(form)

        return _security.render_template(
            config_value('CHANGE_PASSWORD_TEMPLATE'),
            change_password_form=form,
            **_ctx('change_password'))
def change_password():
    """Change the current user's password from a JSON request body.

    The body is wrapped in a ``MultiDict`` and validated with the configured
    change-password form. Validation errors are returned as JSON with a
    400 status. On success ``_commit`` is scheduled to run after the request,
    the password is changed, and the value of ``user.get_auth_token()`` is
    returned under the ``token`` key.

    NOTE(review): whether the current password is verified depends on the
    form class, which is not visible here -- confirm.
    """
    user = current_user._get_current_object()
    payload = MultiDict(request.get_json())
    form = _security.change_password_form(payload)

    if not form.validate_on_submit():
        return jsonify({'errors': form.errors}), HTTPStatus.BAD_REQUEST

    after_this_request(_commit)
    change_user_password(user, form.newPassword.data)

    # Fetched after the change, so it is the token for the updated account.
    response_body = {'token': user.get_auth_token()}
    return jsonify(response_body)
Esempio n. 6
 def after_model_change(self, form, model, is_created):
     """Apply a submitted password and the prefixed profile fields to *model*.

     When the ``new_password`` field carries a value, the password is changed
     and a success message is flashed. Every form field whose name starts
     with ``_prefix`` is then copied into ``model.profile``, and the session
     is committed.
     """
     new_password = form["new_password"].data
     if new_password:
         if current_app.debug:
             # NOTE(review): in debug mode the hash is written directly and
             # change_user_password is skipped; anything that helper does
             # beyond hashing is bypassed here.
             model.password = hash_password(new_password)
             db.session.commit()
         else:
             change_user_password(model, new_password)
         flash(gettext("The password has been changed successfully."))

     for field in form:
         if not field.name.startswith(_prefix):
             continue
         key = _unwrap_field(field.name)
         # Create the extras entry the first time a key is seen.
         if key not in model.profile:
             model.profile.extras[key] = ProfileExtras(key=key)
         model.profile[key] = field.data

     db.session.commit()
Esempio n. 7
    def change_password(self):
        """Change the current user's password after verifying the old one.

        The parsed arguments are validated against the schema registered for
        this request method. A validation failure is answered with status 400
        and a wrong old password with status 409. Otherwise the password is
        changed and a 200 payload describing the user is returned.
        """
        schema = RELS['v1.AuthView:change'][request.method]
        params = change_password_options.parse_args()

        try:
            validate(params, schema, format_checker=FormatChecker())
        except ValidationError as err:
            return {'status': 400, 'message': err.message}, 400

        # The caller must prove knowledge of the current password before a new
        # one is accepted.
        old_matches = verify_password(params.get('old'), current_user.password)
        if not old_matches:
            return {'status': 409, 'message': 'Invalid credentials'}, 409

        change_user_password(current_user, password=params.get('new'))
        body = dict(
            status=200,
            message='Password updated',
            user=generate_response_dict(user=current_user),
        )
        return body
Esempio n. 8
    def post(self, user_id=None, user=None):
        """Update a user from the parsed request arguments.

        The user is looked up with ``user_or_404`` unless one is passed in.
        A ``password`` argument, when present, is removed from the arguments
        and applied with ``change_user_password``. The ``roles`` argument is
        applied with ``rest_set_roles_perms``, and the remaining arguments are
        handed to ``handle_write``.

        NOTE(review): no permission check is visible in this method -- confirm
        that the resource restricts who may change another user's password
        and roles.
        """
        target = user if user is not None else user_or_404(user_id)

        attrs = clean_attrs(USER_EDIT_PARSER.parse_args(strict=True))

        # Only the lookup is guarded, so a KeyError raised while changing the
        # password is not mistaken for a missing argument.
        password_supplied = True
        try:
            new_password = attrs.pop('password')
        except KeyError:
            password_supplied = False

        if password_supplied:
            change_user_password(target, new_password)

        rest_set_roles_perms(target, attrs.pop('roles'))
        return self.handle_write(target, data=attrs)
Esempio n. 9
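def admin_user_reset_password(user_id):
    """Let an administrator set a new password for a registered user.

    LDAP-backed accounts cannot be changed here, so the view shows a message
    pointing to the external reset site instead. For other accounts a valid
    ``ResetPasswordForm`` submission changes the password and commits the
    session. The reset page is rendered in every non-LDAP case.

    NOTE(review): no access-control check is visible in this function --
    confirm that the route is restricted to administrators.
    """
    user = models.RegisteredUser.query.get_or_404(user_id)
    if user.is_ldap:
        # EEA_PASSWORD_RESET may be unset; concatenating None would raise a
        # TypeError, so the parenthesised link is added only when present.
        reset_url = os.environ.get('EEA_PASSWORD_RESET')
        message = 'The password can be changed only from the EIONET website'
        if reset_url:
            message += ' (' + reset_url + ')'
        message += '.'
        return render_template('message.html', message=message)

    form = ResetPasswordForm()

    if form.validate_on_submit():
        change_user_password(user, form.password.data)
        models.db.session.commit()
        msg = "Password successfully reseted."
        flash(msg, 'success')
    return render_template('auth/admin_user_reset_password.html', **{
        'user': user,
        'form': form,
    })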
Esempio n. 10
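def change_password():
    """Let the logged-in user change their own password.

    Anonymous visitors and LDAP-backed accounts get an explanatory message
    page. Otherwise a valid ``ChangePasswordForm`` submission changes the
    password, commits the session and redirects to the home page. An invalid
    or missing submission renders the form.
    """
    if current_user.is_anonymous:
        message = "You must log in before changing your password."
        return render_template('message.html', message=message)

    if current_user.is_ldap:
        # EEA_PASSWORD_RESET may be unset; concatenating None would raise a
        # TypeError, so the parenthesised link is added only when present.
        reset_url = os.environ.get('EEA_PASSWORD_RESET')
        message = 'Your password can be changed only from the EIONET website'
        if reset_url:
            message += ' (' + reset_url + ')'
        message += '.'
        return render_template('message.html', message=message)

    form = ChangePasswordForm()

    if form.validate_on_submit():
        change_user_password(current_user, form.new_password.data)
        models.db.session.commit()
        # NOTE(review): the message asks the user to log in again, but no
        # logout or session invalidation is visible in this function --
        # confirm it happens elsewhere.
        msg = "Your password has been changed. Please log in again."
        flash(msg, 'success')
        return redirect(url_for(HOMEPAGE_VIEW_NAME))

    return render_template('auth/change_password.html', **{
        'form': form,
    })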