def reset_password_start(self): if self.request.settings.archive_mode: self.request.session.flash(("Password reset impossible in " "archive mode."), 'error') return HTTPFound(location=self.request.route_url('home')) form = ForgotPasswordForm(self.request.POST, csrf_context=self.request) retparams = {'form': form} if self.request.method == 'POST': if not form.validate(): return retparams password_reminder(form.email.data, self.request) self.request.session.flash("An email has been sent to the " "provided address with further " "information.") return HTTPFound( location=self.request.route_url('reset-password-start') ) return retparams
def test_password_reminer_wrong_mail(self): t = self.make_team() self.dbsession.add(t) assert t.reset_token is None assert password_reminder("*****@*****.**", self.request) is None assert t.reset_token is None assert len(self.mailer.outbox) == 1 mail = self.mailer.outbox[0] assert re.match(r"Password Reset for hack.lu CTF \d{4}", mail.subject) assert mail.recipients == ["*****@*****.**"] assert "but we have no team for this address in our database" in mail.html
def test_password_reminder(self): t = self.make_team() self.dbsession.add(t) assert t.reset_token is None assert password_reminder("*****@*****.**", self.request) == t assert len(t.reset_token) == 64 assert len(self.mailer.outbox) == 1 mail = self.mailer.outbox[0] assert re.match(r"Password Reset for hack.lu CTF \d{4}", mail.subject) assert mail.recipients == ["*****@*****.**"] assert "You have requested to reset your password." in mail.html