コード例 #1
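    def post(self, passwordResetId):
        """Set a new password for the account tied to a password-reset ID.

        Reads ``password`` and ``confirmPassword`` from the submitted form.

        Returns:
            400 when no ``password`` field was submitted; 403 when the reset
            ID is not accepted, when the two fields differ (a missing
            ``confirmPassword`` counts as a mismatch), or when
            ``AuthenticationService.resetPasswordSame`` reports a match;
            200 once the password has been changed.
        """
        invalidLinkMessage = (
            "Your password reset link is either invalid or expired. Please request a new one."
        )
        try:
            user = AuthenticationService.checkUserResetID(passwordResetId)
            # NOTE(review): whether checkUserResetID raises or returns None for
            # an unknown ID is not visible here; stop on None so nothing below
            # runs without a resolved account.
            if user is None:
                return Response(invalidLinkMessage, status=403)

            if "password" not in request.form:
                return Response("Please provide a new password.", status=400)

            newPassword = request.form["password"]
            # .get() keeps a missing confirmation field from raising KeyError,
            # which the handler below would report as an invalid reset link.
            confirmPassword = request.form.get("confirmPassword")

            if newPassword != confirmPassword:
                return Response(
                    "Password and Confirm Password fields must be the same",
                    status=403)

            if AuthenticationService.resetPasswordSame(user, newPassword):
                return Response(
                    "Please choose a password that you haven't used before",
                    status=403)

            # The reset ID is cleared before the password is changed, so the
            # link cannot be used a second time even if the change fails.
            # NOTE(review): clearing stores an empty string; confirm that
            # checkUserResetID never accepts an empty ID.
            AuthenticationService.setUserResetID(user, "")
            AuthenticationService.changePassword(user.email, newPassword)
            return Response("Password sucessfully updated", status=200)
        except Exception:
            # Any failure is answered with the same generic message, so the
            # response does not reveal what went wrong. Exception (rather than
            # a bare except) lets SystemExit and KeyboardInterrupt propagate.
            return Response(invalidLinkMessage, status=403)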
コード例 #2
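 def post(self):
     """Start a password reset for the account matching the submitted email.

     Stores a freshly generated reset ID on the user and mails a link
     containing it.

     Returns:
         200 when the mail was handed to ``MailService``; 400 when sending
         failed; 403 when the user lookup or storing the reset ID failed.
     """
     try:
         user = AuthenticationService.getUser(email=request.form["email"])
         passwordResetId = uuid4()
         AuthenticationService.setUserResetID(user, passwordResetId)
         try:
             subject = "Reset Password"
             # NOTE(review): the link is built from app.rootUrl; confirm that
             # value comes from configuration and not from the request.
             html = f"<p>We heard you lost your password. No worries, just click the link below to reset your password.</p><p>You can safely ignore this email if you did not request a password reset</p><br/><a href=\"{app.rootUrl}/reset-password/{passwordResetId}\"> Reset password </a><br/>"
             MailService.sendMessage(user, subject, html)
             return Response(
                 "An email with instructions to reset your password has been sent to the provided email.",
                 status=200)
         except Exception:
             # The reset ID stored above stays in place when sending fails.
             return Response(
                 "Unable to send password reset email. Please try again later.",
                 status=400)
     except Exception:
         # Reached for any failure in the lookup or in storing the reset ID,
         # including a request without an "email" field.
         # NOTE(review): this answer differs from the success case, so the
         # endpoint tells a caller whether an address is registered; consider
         # returning the same response in both cases.
         return Response(
             "No account with given email found. Please try creating a new account.",
             status=403)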