def create_password_reset_request(db_session, username):
try:
user = db_session.query(User). \
filter_by(username=username).one()
except orm_exceptions.NoResultFound:
raise HTTPRequestError(404, 'User not found')
# verify if this user have an active password reset request
old_request = db_session.query(PasswordRequest). \
filter_by(user_id=user.id).one_or_none()
if old_request and check_request_validity(db_session, old_request):
raise HTTPRequestError(409, 'You have a password reset'
' request in progress')
request_dict = {
'user_id': user.id,
'link': str(binascii.hexlify(os.urandom(16)), 'ascii')
}
password_request = PasswordRequest(**request_dict)
db_session.add(password_request)
with open('templates/passwordReset.html', 'r') as f:
html = f.read()
reset_link = conf.resetPwdView + request_dict['link']
html = html.format(name=user.name, link=reset_link)
send_mail(user.email, 'Password Reset', html)
def create_password_set_request(db_session, user):
# verify if this user have an active password reset request
request_dict = {
'user_id': user.id,
'link': str(binascii.hexlify(os.urandom(16)), 'ascii')
}
password_request = PasswordRequest(**request_dict)
db_session.add(password_request)
with open('templates/passwordSet.html', 'r') as f:
html = f.read()
reset_link = conf.resetPwdView + request_dict['link']
html = html.format(name=user.name, link=reset_link, username=user.username)
send_mail(user.email, 'Account Activation', html)