Esempio n. 1
0
def password_email(user):
    """
    For resetting a user's password.
    """
    from r2.lib.pages import PasswordReset

    reset_count_key = "email-reset_count_%s" % user._id
    g.cache.add(reset_count_key, 0, time=3600 * 12)
    if g.cache.incr(reset_count_key) > 3:
        return False

    reset_count_global = "email-reset_count_global"
    g.cache.add(reset_count_global, 0, time=3600)
    if g.cache.incr(reset_count_global) > 1000:
        raise ValueError(
            "Somebody's beating the hell out of the password reset box")

    token = PasswordResetToken._new(user)
    base = g.https_endpoint or g.origin
    passlink = base + '/resetpassword/' + token._id
    g.log.info("Generated password reset link: " + passlink)
    _system_email(
        user.email,
        PasswordReset(user=user, passlink=passlink).render(style='email'),
        Email.Kind.RESET_PASSWORD,
        user=user,
    )
    return True
Esempio n. 2
0
def password_email(user):
    """
    For resetting a user's password.
    """
    from r2.lib.pages import PasswordReset

    reset_count_key = "email-reset_count_%s" % user._id
    g.cache.add(reset_count_key, 0, time=3600 * 12)
    if g.cache.incr(reset_count_key) > 3:
        return False

    reset_count_global = "email-reset_count_global"
    g.cache.add(reset_count_global, 0, time=3600)
    if g.cache.incr(reset_count_global) > 1000:
        raise ValueError("Somebody's beating the hell out of the password reset box")

    token = PasswordResetToken._new(user)
    base = g.https_endpoint or g.origin
    passlink = base + '/resetpassword/' + token._id
    g.log.info("Generated password reset link: " + passlink)
    _system_email(user.email,
                  PasswordReset(user=user,
                                passlink=passlink).render(style='email'),
                  Email.Kind.RESET_PASSWORD)
    return True
Esempio n. 3
0
def password_email(user):
    """
    For resetting a user's password.
    """
    from r2.lib.pages import PasswordReset

    user_reset_ratelimit = SimpleRateLimit(
        name="email_reset_count_%s" % user._id36,
        seconds=int(datetime.timedelta(hours=12).total_seconds()),
        limit=3,
    )
    if not user_reset_ratelimit.record_and_check():
        return False

    global_reset_ratelimit = SimpleRateLimit(
        name="email_reset_count_global",
        seconds=int(datetime.timedelta(hours=1).total_seconds()),
        limit=1000,
    )
    if not global_reset_ratelimit.record_and_check():
        raise ValueError("password reset ratelimit exceeded")

    token = PasswordResetToken._new(user)
    base = g.https_endpoint or g.origin
    passlink = base + '/resetpassword/' + token._id
    g.log.info("Generated password reset link: " + passlink)
    _system_email(
        user.email,
        PasswordReset(user=user, passlink=passlink).render(style='email'),
        Email.Kind.RESET_PASSWORD,
        user=user,
    )
    return True
Esempio n. 4
0
def password_email(user):
    """
    For resetting a user's password.
    """
    from r2.lib.pages import PasswordReset

    user_reset_ratelimit = SimpleRateLimit(
        name="email_reset_count_%s" % user._id36,
        seconds=int(datetime.timedelta(hours=12).total_seconds()),
        limit=3,
    )
    if not user_reset_ratelimit.record_and_check():
        return False

    global_reset_ratelimit = SimpleRateLimit(
        name="email_reset_count_global",
        seconds=int(datetime.timedelta(hours=1).total_seconds()),
        limit=1000,
    )
    if not global_reset_ratelimit.record_and_check():
        raise ValueError("password reset ratelimit exceeded")

    token = PasswordResetToken._new(user)
    base = g.https_endpoint or g.origin
    passlink = base + '/resetpassword/' + token._id
    g.log.info("Generated password reset link: " + passlink)
    _system_email(user.email,
                  PasswordReset(user=user,
                                passlink=passlink).render(style='email'),
                  Email.Kind.RESET_PASSWORD,
                  user=user,
                  )
    return True
Esempio n. 5
0
    def setUp(self):
        super(ResetPasswordTest, self).setUp()

        self.user = MagicMock(name="user")
        self.user._fullname = "test_user"
        self.user.email = "*****@*****.**"
        self.user._banned = False
        self.user.password = CURRENT_PW_BCRYPT

        self.token = PasswordResetToken._new(self.user)
Esempio n. 6
0
    def setUp(self):
        super(ResetPasswordTest, self).setUp()

        self.user = MagicMock(name="user")
        self.user._fullname = "test_user"
        self.user.email = "*****@*****.**"
        self.user._banned = False
        self.user.password = CURRENT_PW_BCRYPT

        self.token = PasswordResetToken._new(self.user)