def reset_password_with_email(self, request): form = PasswordResetFormNoActive(request.DATA) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=settings.DEFAULT_FROM_EMAIL, request=request, domain_override=request.get_host())
def post(self, request, format=None): """ Reset password """ form = PasswordResetFormNoActive(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=settings.DEFAULT_FROM_EMAIL, request=request, domain_override=request.get_host()) return Response({'success': True}) else: return Response({'success': False, 'error': _('Invalid e-mail')}, status=status.HTTP_400_BAD_REQUEST)
def password_reset(request): ''' Attempts to send a password reset e-mail. ''' if request.method != "POST": raise Http404 form = PasswordResetFormNoActive(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=settings.DEFAULT_FROM_EMAIL, request=request, domain_override=request.get_host()) return HttpResponse(json.dumps({'success': True, 'value': render_to_string('registration/password_reset_done.html', {})})) else: return HttpResponse(json.dumps({'success': False, 'error': 'Invalid e-mail or user'}))
def send_password_reset_email(request): """Copied/modified from appsembler_api.utils in enterprise Ginkgo Copied the template files from enterprise Ginkgo LMS templates """ form = PasswordResetFormNoActive(request.data) if form.is_valid(): form.save( use_https=request.is_secure(), from_email=configuration_helpers.get_value( 'email_from_address', settings.DEFAULT_FROM_EMAIL), request=request, domain_override=request.get_host(), subject_template_name='youngsphere/emails/set_password_subject.txt', email_template_name='youngsphere/emails/set_password_email.html') return True else: return False
def password_reset(request): """ Attempts to send a password reset e-mail. """ # Add some rate limiting here by re-using the RateLimitMixin as a helper class limiter = BadRequestRateLimiter() if limiter.is_rate_limit_exceeded(request): AUDIT_LOG.warning("Rate limit exceeded in password_reset") return HttpResponseForbidden() form = PasswordResetFormNoActive(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=configuration_helpers.get_value( 'email_from_address', settings.DEFAULT_FROM_EMAIL), request=request) # When password change is complete, a "edx.user.settings.changed" event will be emitted. # But because changing the password is multi-step, we also emit an event here so that we can # track where the request was initiated. tracker.emit( SETTING_CHANGE_INITIATED, { "setting": "password", "old": None, "new": None, "user_id": request.user.id, }) destroy_oauth_tokens(request.user) else: # bad user? tick the rate limiter counter AUDIT_LOG.info("Bad password_reset user passed in.") limiter.tick_bad_request_counter(request) return JsonResponse({ 'success': True, 'value': render_to_string('registration/password_reset_done.html', {}), })
def password_reset(request): """ Attempts to send a password reset e-mail. """ # Add some rate limiting here by re-using the RateLimitMixin as a helper class limiter = BadRequestRateLimiter() if limiter.is_rate_limit_exceeded(request): AUDIT_LOG.warning("Rate limit exceeded in password_reset") return HttpResponseForbidden() form = PasswordResetFormNoActive(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=configuration_helpers.get_value('email_from_address', settings.DEFAULT_FROM_EMAIL), request=request) # When password change is complete, a "edx.user.settings.changed" event will be emitted. # But because changing the password is multi-step, we also emit an event here so that we can # track where the request was initiated. tracker.emit( SETTING_CHANGE_INITIATED, { "setting": "password", "old": None, "new": None, "user_id": request.user.id, } ) destroy_oauth_tokens(request.user) else: # bad user? tick the rate limiter counter AUDIT_LOG.info("Bad password_reset user passed in.") limiter.tick_bad_request_counter(request) return JsonResponse({ 'success': True, 'value': render_to_string('registration/password_reset_done.html', {}), })
def password_reset(request): ''' Attempts to send a password reset e-mail. ''' if request.method != "POST": raise Http404 form = PasswordResetFormNoActive(request.POST) if form.is_valid(): form.save(use_https=request.is_secure(), from_email=settings.DEFAULT_FROM_EMAIL, request=request, domain_override=request.get_host()) return HttpResponse( json.dumps({ 'success': True, 'value': render_to_string('registration/password_reset_done.html', {}) })) else: return HttpResponse( json.dumps({ 'success': False, 'error': 'Invalid e-mail or user' }))