def forgot_password(self): req = self.request schema = req.registry.getUtility(IForgotPasswordSchema) schema = schema().bind(request=req) form = req.registry.getUtility(IForgotPasswordForm) form = form(schema) if req.method == 'GET': if req.user: return HTTPFound(location=self.forgot_password_redirect_view) else: return {'form': form.render()} # From here on, we know it's a POST. Let's validate the form controls = req.POST.items() try: captured = form.validate(controls) except deform.ValidationFailure as e: # This catches if the email does not exist, too. return {'form': e.render(), 'errors': e.error.children} credential_activity_service = get_credential_activity_service(self.request) # Process valid form email = captured["email"] try: return credential_activity_service.create_forgot_password_request(email) except CannotResetPasswordException as e: messages.add(self.request, msg=str(e), msg_id="msg-cannot-reset-password", kind="error") return {'form': form.render()}
def reset_password(request: Request) -> dict: """Reset password view. User arrives on the page and enters the new password. :param request: Pyramid request. :return: Context to be used by the renderer. """ schema = request.registry.getUtility(IResetPasswordSchema) schema = schema().bind(request=request) form = request.registry.getUtility(IResetPasswordForm) form = form(schema) code = request.matchdict.get('code', None) credential_activity_service = get_credential_activity_service(request) user = credential_activity_service.get_user_for_password_reset_token(code) if not user: raise HTTPNotFound("Invalid password reset code") if request.method == 'POST': try: controls = request.POST.items() captured = form.validate(controls) except deform.ValidationFailure as e: return {'form': e.render(), 'errors': e.error.children} password = captured['password'] return credential_activity_service.reset_password(code, password) # Question screen return {'form': form.render(appstruct=dict(user=user.friendly_name))}
def forgot_password(request: Request) -> dict: """Forgot password screen. :param request: Pyramid request. :return: Context to be used by the renderer. """ schema = request.registry.getUtility(IForgotPasswordSchema) schema = schema().bind(request=request) form = request.registry.getUtility(IForgotPasswordForm) form = form(schema) if request.method == 'POST': # From here on, we know it's a POST. Let's validate the form controls = request.POST.items() try: captured = form.validate(controls) except deform.ValidationFailure as e: # This catches if the email does not exist, too. return {'form': e.render(), 'errors': e.error.children} credential_activity_service = get_credential_activity_service(request) # Process valid form email = captured["email"] try: return credential_activity_service.create_forgot_password_request( email) except CannotResetPasswordException as e: messages.add(request, msg=str(e), msg_id="msg-cannot-reset-password", kind="error") return {'form': form.render()} return {'form': form.render()}
def reset_password(self): """Perform the actual reset based on the email reset link. User arrives on the page and enters the new password. """ schema = self.request.registry.getUtility(IResetPasswordSchema) schema = schema().bind(request=self.request) form = self.request.registry.getUtility(IResetPasswordForm) form = form(schema) code = self.request.matchdict.get('code', None) credential_activity_service = get_credential_activity_service(self.request) user = credential_activity_service.get_user_for_password_reset_token(code) if not user: raise HTTPNotFound("Invalid password reset code") if self.request.method == 'GET': return { 'form': form.render( appstruct=dict( user=user.friendly_name ) ) } elif self.request.method == 'POST': try: controls = self.request.POST.items() captured = form.validate(controls) except deform.ValidationFailure as e: return {'form': e.render(), 'errors': e.error.children} password = captured['password'] return credential_activity_service.reset_password(code, password) else: raise HTTPMethodNotAllowed()
def reset_password(self): """Perform the actual reset based on the email reset link. User arrives on the page and enters the new password. """ schema = self.request.registry.getUtility(IResetPasswordSchema) schema = schema().bind(request=self.request) form = self.request.registry.getUtility(IResetPasswordForm) form = form(schema) code = self.request.matchdict.get('code', None) credential_activity_service = get_credential_activity_service( self.request) user = credential_activity_service.get_user_for_password_reset_token( code) if not user: raise HTTPNotFound("Invalid password reset code") if self.request.method == 'GET': return { 'form': form.render(appstruct=dict(user=user.friendly_name)) } elif self.request.method == 'POST': try: controls = self.request.POST.items() captured = form.validate(controls) except deform.ValidationFailure as e: return {'form': e.render(), 'errors': e.error.children} password = captured['password'] return credential_activity_service.reset_password(code, password) else: raise HTTPMethodNotAllowed()
def forgot_password(self): req = self.request schema = req.registry.getUtility(IForgotPasswordSchema) schema = schema().bind(request=req) form = req.registry.getUtility(IForgotPasswordForm) form = form(schema) if req.method == 'GET': if req.user: return HTTPFound(location=self.forgot_password_redirect_view) else: return {'form': form.render()} # From here on, we know it's a POST. Let's validate the form controls = req.POST.items() try: captured = form.validate(controls) except deform.ValidationFailure as e: # This catches if the email does not exist, too. return {'form': e.render(), 'errors': e.error.children} credential_activity_service = get_credential_activity_service( self.request) # Process valid form email = captured["email"] try: return credential_activity_service.create_forgot_password_request( email) except CannotResetPasswordException as e: messages.add(self.request, msg=str(e), msg_id="msg-cannot-reset-password", kind="error") return {'form': form.render()}