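def post(self, passwordResetId):
    """Set a new password for the account tied to a password-reset ID.

    Reads ``password`` and ``confirmPassword`` from the submitted form.

    Args:
        passwordResetId: Reset ID taken from the emailed link.

    Returns:
        Response: 200 once the password has been changed; 400 when no new
        password is supplied; 403 when the two fields differ, the password
        was used before, or the reset ID cannot be resolved to a user.
    """
    invalidLinkMessage = (
        "Your password reset link is either invalid or expired. "
        "Please request a new one."
    )

    # A consumed reset ID is overwritten with "" further down, so an empty ID
    # must never reach the lookup: fail closed before touching the store.
    if not passwordResetId:
        return Response(invalidLinkMessage, status=403)

    try:
        user = AuthenticationService.checkUserResetID(passwordResetId)
        # NOTE(review): whether checkUserResetID raises or returns None for an
        # unknown ID is not visible here; both outcomes are treated as invalid.
        if user is None:
            return Response(invalidLinkMessage, status=403)

        # .get() keeps a missing field from raising, which would otherwise be
        # reported as an invalid link. An empty password is rejected as well.
        newPassword = request.form.get("password")
        if not newPassword:
            return Response("Please provide a new password.", status=400)

        confirmPassword = request.form.get("confirmPassword")
        if newPassword != confirmPassword:
            return Response(
                "Password and Confirm Password fields must be the same",
                status=403)

        if AuthenticationService.resetPasswordSame(user, newPassword):
            return Response(
                "Please choose a password that you haven't used before",
                status=403)

        # The reset ID is invalidated before the password is written so the
        # link cannot be replayed, even if the write below fails.
        AuthenticationService.setUserResetID(user, "")
        AuthenticationService.changePassword(user.email, newPassword)
        return Response("Password sucessfully updated", status=200)
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are no longer swallowed.
        # NOTE(review): storage failures are indistinguishable from an invalid
        # link for the client; they should be logged server-side.
        return Response(invalidLinkMessage, status=403)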
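def post(self):
    """Start a password reset for the account matching the ``email`` form field.

    Stores a fresh reset ID on the user and emails a link containing it.

    Returns:
        Response: 200 when the email was handed to the mail service; 400 when
        sending failed; 403 when the user lookup or the reset-ID update failed
        (including a missing ``email`` field).
    """
    try:
        user = AuthenticationService.getUser(email=request.form["email"])
        # uuid4() is random, not time- or host-derived.
        # NOTE(review): expiry and single-use enforcement are not visible in
        # this handler; confirm where the reset ID's lifetime is bounded.
        passwordResetId = uuid4()
        AuthenticationService.setUserResetID(user, passwordResetId)
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are no longer swallowed.
        # NOTE(review): this response differs from the success response, so it
        # tells the caller whether an address is registered. Returning the same
        # generic message in both cases would remove that signal; left as is
        # because clients may depend on the current status and text.
        return Response(
            "No account with given email found. Please try creating a new account.",
            status=403)

    try:
        subject = "Reset Password"
        # Only server-side values are interpolated into the HTML.
        # NOTE(review): confirm app.rootUrl comes from configuration and not
        # from the request's Host header, since it decides where the link points.
        html = f"<p>We heard you lost your password. No worries, just click the link below to reset your password.</p><p>You can safely ignore this email if you did not request a password reset</p><br/><a href=\"{app.rootUrl}/reset-password/{passwordResetId}\"> Reset password </a><br/>"
        MailService.sendMessage(user, subject, html)
    except Exception:
        # The reset ID stored above stays set when sending fails.
        return Response(
            "Unable to send password reset email. Please try again later.",
            status=400)

    return Response(
        "An email with instructions to reset your password has been sent to the provided email.",
        status=200)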