def __post_recovery(self, **post):
    """Process the submitted "set new password" form of the recovery flow.

    The submission is parsed with ``reset_password_form``, the recovery
    record is looked up from the submitted email and recovery key, and the
    new password is checked with ``_check_password`` and zxcvbn.  On
    success the password is stored on the recovery record's user, the
    recovery record is deleted and ``authenticate`` is called with the
    username and the new password.

    Returns a ``('json:', dict)`` pair.  The dict always carries ``success``
    and ``message``; some paths add ``location``, ``data`` or ``exc``.
    """
    try:
        parsed = reset_password_form.native(post)
        data = Bunch(parsed[0])
    except Exception as e:
        # In debug mode the original exception propagates; otherwise the
        # failure is reported to the client as JSON.
        if config.get('debug', False):
            raise
        # NOTE(review): this reply returns the raw submission (`post`,
        # presumably including the password fields and the recovery key)
        # and the exception text to the client -- confirm the front end
        # needs them, since they can end up in client-side or proxy logs.
        return 'json:', dict(
            success=False,
            message=_("Unable to parse data."),
            data=post,
            exc=str(e))

    recovery = self.__get_recovery(data.email, data.recovery_key)
    if not recovery:
        # The same "expired" reply is used for every falsy lookup result.
        return 'json:', dict(
            success=False,
            message=_("Sorry that recovery link has already expired"),
            location="/account/recover")

    acceptable, reason = _check_password(data.password, data.pass2)
    if not acceptable:
        return 'json:', dict(success=False, message=reason)

    # Reject passwords whose zxcvbn score is below the configured minimum.
    strength = zxcvbn.password_strength(data.password)
    if strength.get("score") < MINIMUM_PASSWORD_STRENGTH:
        # NOTE(review): `data` is the parsed form (email, recovery key and
        # both password fields are read from it above), so this reply
        # echoes the rejected password -- confirm that is intended.
        return 'json:', dict(
            success=False,
            message=_("Password provided is too weak. please add more characters, or include lowercase, uppercase, and special characters."),
            data=data)

    # Store the new password on the account tied to the recovery record.
    account = recovery.user
    account.password = data.password
    account.save()

    # The recovery key is removed only after the save above.
    # NOTE(review): if delete() raises, the key presumably stays usable
    # although the password has already changed -- verify.
    recovery.delete()

    # The result of authenticate() is not inspected here.
    authenticate(account.username, data.password)
    return 'json:', dict(
        success=True,
        message=_("Password changed, forwarding ..."),
        location="/")
def get(self, redirect=None, **get):
    """Render the recovery page as an email-entry or set-password form.

    When ``redirect`` is not supplied it falls back to the request's
    referrer, or to ``'/'`` if there is no referrer or the referrer ends
    with the current script name.  If the parsed query carries no
    ``recovery_key`` the email-entry form is shown; otherwise the
    set-password form is pre-filled with the email and recovery key.

    Returns the template name and its context dict.  Raises ``HTTPFound``
    (to ``'/'``) when the query cannot be parsed outside debug mode.
    """
    if redirect is None:
        referrer = request.referrer
        if not referrer or referrer.endswith(request.script_name):
            redirect = '/'
        else:
            redirect = referrer
    # NOTE(review): `redirect` originates from the caller-supplied argument
    # or the Referer header and is passed to the form without validation
    # here -- confirm that whatever consumes it only accepts same-site
    # targets.

    try:
        data = Bunch(reset_password_form.native(get)[0])
    except Exception:
        # In debug mode the parse error propagates unchanged.
        if config.get('debug', False):
            raise
        # TODO: redirect to recover with error message
        raise HTTPFound(location='/')

    if data.recovery_key:
        # A key was supplied: show the form that sets the new password.
        form = reset_password_form(
            dict(email=data.email, recovery_key=data.recovery_key))
        button_label = _("Set Password")
    else:
        # No key passed, so show the email entry form.
        form = recover_form(dict(redirect=redirect))
        button_label = _("Recover")

    context = dict(form=form, button_label=str(button_label))
    return "brave.core.account.template.recover", context
def __post_recovery(self, **post):
    """Apply a password reset submitted through the recovery form.

    Steps, in order: parse ``post`` with ``reset_password_form``; fetch the
    recovery record for the submitted email and recovery key; validate the
    new password with ``_check_password`` and the zxcvbn score; save the
    password on the record's user; delete the recovery record; call
    ``authenticate`` with the username and new password.

    Every path returns ``('json:', dict)`` where the dict holds ``success``
    and ``message`` plus, depending on the path, ``location``, ``data`` or
    ``exc``.
    """
    try:
        native_result = reset_password_form.native(post)
        data = Bunch(native_result[0])
    except Exception as e:
        if config.get('debug', False):
            # Debug mode: let the parse error surface unchanged.
            raise
        # NOTE(review): the raw submission (`post`, presumably holding the
        # password fields and recovery key) and the exception text are
        # sent back to the client here -- confirm this is required.
        failure = dict(
            success=False,
            message=_("Unable to parse data."),
            data=post,
            exc=str(e))
        return 'json:', failure

    recovery = self.__get_recovery(data.email, data.recovery_key)
    if not recovery:
        # Any falsy lookup result is reported as an expired link.
        return 'json:', dict(
            success=False,
            message=_("Sorry that recovery link has already expired"),
            location="/account/recover")

    is_valid, problem = _check_password(data.password, data.pass2)
    if not is_valid:
        return 'json:', dict(success=False, message=problem)

    # If the password isn't strong enough, reject it.
    report = zxcvbn.password_strength(data.password)
    if report.get("score") < MINIMUM_PASSWORD_STRENGTH:
        # NOTE(review): `data` is the parsed form that the password fields
        # are read from above, so the rejected password is echoed in this
        # reply -- confirm that is intended.
        return 'json:', dict(
            success=False,
            message=_("Password provided is too weak. please add more characters, or include lowercase, uppercase, and special characters."),
            data=data)

    # Set the new password.
    target_user = recovery.user
    target_user.password = data.password
    target_user.save()

    # Remove the recovery key; this happens after the save above.
    # NOTE(review): a failure in delete() would presumably leave the key
    # usable even though the password was already changed -- verify.
    recovery.delete()

    # The return value of authenticate() is ignored.
    authenticate(target_user.username, data.password)
    return 'json:', dict(
        success=True,
        message=_("Password changed, forwarding ..."),
        location="/")
def get(self, redirect=None, **get):
    """Show the account recovery page.

    ``redirect`` defaults to the request's referrer, or to ``'/'`` when the
    referrer is missing or ends with the current script name.  The query
    arguments are parsed with ``reset_password_form``: without a
    ``recovery_key`` the email-entry form is rendered, with one the
    set-password form is rendered, pre-filled with the email and key.

    Returns ``(template_name, context_dict)``.  Outside debug mode an
    unparseable query raises ``HTTPFound`` pointing at ``'/'``.
    """
    if redirect is None:
        referrer = request.referrer
        came_from_here = (
            not referrer or referrer.endswith(request.script_name))
        redirect = '/' if came_from_here else referrer
    # NOTE(review): `redirect` comes from the caller-supplied argument or
    # the Referer header and reaches the form unvalidated in this method
    # -- confirm the consumer restricts it to same-site targets.

    try:
        data = Bunch(reset_password_form.native(get)[0])
    except Exception:
        if config.get('debug', False):
            # Debug mode: propagate the parse error as-is.
            raise
        # TODO: redirect to recover with error message
        raise HTTPFound(location='/')

    has_key = bool(data.recovery_key)
    if not has_key:
        # No key passed, so show the email entry form.
        form = recover_form(dict(redirect=redirect))
        button_label = _("Recover")
    else:
        # Key present: render the form that sets the new password.
        form = reset_password_form(
            dict(email=data.email, recovery_key=data.recovery_key))
        button_label = _("Set Password")

    return "brave.core.account.template.recover", dict(
        form=form, button_label=str(button_label))