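def get_reset_link(**_):
    """
    Send a reset link via email to the email address specified

    The address must be a plain string without whitespace or search-query
    syntax, and must match exactly one user, before a reset key is issued.

    Variables:
    None

    Arguments:
    None

    Data Block:
    {
     "email": <EMAIL ADDRESS TO RESET PASSWORD>
    }

    Result example:
    {
     "success": true
    }
    """
    if not config.auth.internal.signup.enabled:
        return make_api_response({"success": False}, "Signup process has been disabled", 403)

    try:
        data = request.json
    except BadRequest:
        data = None
    if not data or not hasattr(data, 'get'):
        # Same fallback as reset_pwd: no usable JSON object means form/query values
        data = request.values

    email = data.get('email', None)

    # The address is interpolated into a search query below. Accept only a plain
    # string with no whitespace and none of the characters that act as wildcards,
    # operators, ranges or grouping, so the lookup can only match the literal
    # address. '+', '-' and '=' are left alone: they occur in ordinary addresses.
    query_meta = set('*?~^:"\\/()[]{}!|&<>')
    if not isinstance(email, str) or any(ch.isspace() or ch in query_meta for ch in email):
        email = None

    # Exactly one match is required: an ambiguous lookup must never issue a key
    if email and STORAGE.user.search(f"email:{email.lower()}").get('total', 0) == 1:
        # NOTE(review): the key is only as unpredictable as get_random_password;
        # confirm it draws from a CSPRNG.
        key = hashlib.sha256(get_random_password(length=512).encode('utf-8')).hexdigest()
        # noinspection PyBroadException
        try:
            send_reset_email(email, key)
            get_reset_queue(key).add(email)
            return make_api_response({"success": True})
        except Exception:
            # The original built this response but never returned it, so a delivery
            # failure was reported to the caller as an unknown address.
            return make_api_response({"success": False},
                                     "The system failed to send the password reset link.", 400)

    # NOTE(review): this answer differs from the success case, so a caller can tell
    # whether an address is registered. Consider a uniform response plus rate
    # limiting on this endpoint.
    return make_api_response({"success": False},
                             "We have no record of this email address in our system.", 400)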
def reset():
    """
    Render the password reset page.

    Redirects to "/" when signup is disabled. The reset_id query argument is
    handed to the template only if its reset queue still holds an entry;
    otherwise the template receives an empty reset_id.
    """
    if not config.auth.internal.signup.enabled:
        return redirect(redirect_helper("/"))

    token = request.args.get('reset_id', "")
    # An ID whose queue is empty is blanked rather than echoed into the page
    no_pending_entry = bool(token) and get_reset_queue(token).length() == 0
    return custom_render("reset.html", reset_id="" if no_pending_entry else token)
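def reset_pwd(**_):
    """
    Reset the password for the specified reset ID

    The reset ID is single use: its queue is deleted as soon as it has been
    read, whether or not the password change then succeeds.

    Variables:
    None

    Arguments:
    None

    Data Block:
    {
     "reset_id": <RESET_HASH>,
     "password": <PASSWORD TO RESET TO>,
     "password_confirm": <CONFIRMATION OF PASSWORD TO RESET TO>
    }

    Result example:
    {
     "success": true
    }
    """
    import logging

    if not config.auth.internal.signup.enabled:
        return make_api_response({"success": False}, "Signup process has been disabled", 403)

    # Match get_reset_link: a malformed JSON body falls back to form/query values
    try:
        data = request.json
    except BadRequest:
        data = None
    if not data or not hasattr(data, 'get'):
        data = request.values

    reset_id = data.get('reset_id', None)
    password = data.get('password', None)
    password_confirm = data.get('password_confirm', None)

    # A JSON body can carry lists, objects or numbers; only strings are meaningful here
    fields_are_text = all(isinstance(value, str) for value in (reset_id, password, password_confirm))

    if fields_are_text and reset_id and password and password_confirm:
        if password != password_confirm:
            return make_api_response({"success": False}, err="Password mismatch", status_code=469)

        # Policy is checked before the reset ID is consumed, so a rejected password
        # does not burn the link.
        password_requirements = config.auth.internal.password_requirements.as_primitives()
        if not check_password_requirements(password, **password_requirements):
            error_msg = get_password_requirement_message(**password_requirements)
            return make_api_response({"success": False}, error_msg, 469)

        # NOTE(review): reset_id names the queue that is read and deleted below.
        # get_reset_link issues 64-character hex digests; if that is the only issuer,
        # consider rejecting any other shape before touching the queue.
        try:
            reset_queue = get_reset_queue(reset_id)
            members = reset_queue.members()
            # Consume the reset ID before acting on it so a link cannot be replayed.
            # NOTE(review): members() then delete() is two calls; confirm whether
            # concurrent requests with the same ID can both read the entry.
            reset_queue.delete()
            if members:
                email = members[0]
                # The queued address is interpolated into a search query. Refuse any
                # value carrying whitespace or query syntax so the lookup can only
                # match the literal address.
                query_meta = set('*?~^:"\\/()[]{}!|&<>')
                if isinstance(email, str) and not any(ch.isspace() or ch in query_meta for ch in email):
                    # Lower-cased to mirror the lookup done when the link was issued
                    res = STORAGE.user.search(f"email:{email.lower()}")
                    if res.get('total', 0) == 1:
                        user = STORAGE.user.get(res['items'][0].uname)
                        user.password = get_password_hash(password)
                        STORAGE.user.save(user.uname, user)
                        return make_api_response({"success": True})
        except Exception:
            # The caller still gets the generic error below; the failure is recorded
            # server-side without the reset ID or the password.
            logging.getLogger(__name__).exception("Password reset failed while applying the new password")

    return make_api_response({"success": False}, err="Invalid parameters passed", status_code=400)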