def __post_recovery(self, **post):
try:
data = Bunch(reset_password_form.native(post)[0])
except Exception as e:
if config.get('debug', False):
raise
return 'json:', dict(success=False, message=_("Unable to parse data."), data=post, exc=str(e))
recovery = self.__get_recovery(data.email, data.recovery_key)
if not recovery:
return 'json:', dict(success=False, message=_("Sorry that recovery link has already expired"),
location="/account/recover")
passwd_ok, error_msg = _check_password(data.password, data.pass2)
if not passwd_ok:
return 'json:', dict(success=False, message=error_msg)
#If the password isn't strong enough, reject it
if(zxcvbn.password_strength(data.password).get("score") < MINIMUM_PASSWORD_STRENGTH):
return 'json:', dict(success=False, message=_("Password provided is too weak. please add more characters, or include lowercase, uppercase, and special characters."), data=data)
#set new password
user = recovery.user
user.password = data.password
user.save()
#remove recovery key
recovery.delete()
authenticate(user.username, data.password)
return 'json:', dict(success=True, message=_("Password changed, forwarding ..."), location="/")
def get(self, redirect=None, **get):
if redirect is None:
referrer = request.referrer
redirect = '/' if not referrer or referrer.endswith(request.script_name) else referrer
try:
data = Bunch(reset_password_form.native(get)[0])
except Exception as e:
if config.get('debug', False):
raise
raise HTTPFound(location='/') # Todo redirect to recover with error message
if not data.recovery_key: # no key passed, so show email entry
form = recover_form(dict(redirect=redirect))
button_label = _("Recover")
else:
form = reset_password_form(dict(email=data.email, recovery_key=data.recovery_key))
button_label = _("Set Password")
return "brave.core.account.template.recover", dict(form=form, button_label=str(button_label))
def __post_recovery(self, **post):
try:
data = Bunch(reset_password_form.native(post)[0])
except Exception as e:
if config.get('debug', False):
raise
return 'json:', dict(success=False,
message=_("Unable to parse data."),
data=post,
exc=str(e))
recovery = self.__get_recovery(data.email, data.recovery_key)
if not recovery:
return 'json:', dict(
success=False,
message=_("Sorry that recovery link has already expired"),
location="/account/recover")
passwd_ok, error_msg = _check_password(data.password, data.pass2)
if not passwd_ok:
return 'json:', dict(success=False, message=error_msg)
#If the password isn't strong enough, reject it
if (zxcvbn.password_strength(data.password).get("score") <
MINIMUM_PASSWORD_STRENGTH):
return 'json:', dict(
success=False,
message=
_("Password provided is too weak. please add more characters, or include lowercase, uppercase, and special characters."
),
data=data)
#set new password
user = recovery.user
user.password = data.password
user.save()
#remove recovery key
recovery.delete()
authenticate(user.username, data.password)
return 'json:', dict(success=True,
message=_("Password changed, forwarding ..."),
location="/")
def get(self, redirect=None, **get):
if redirect is None:
referrer = request.referrer
redirect = '/' if not referrer or referrer.endswith(
request.script_name) else referrer
try:
data = Bunch(reset_password_form.native(get)[0])
except Exception as e:
if config.get('debug', False):
raise
raise HTTPFound(
location='/') # Todo redirect to recover with error message
if not data.recovery_key: # no key passed, so show email entry
form = recover_form(dict(redirect=redirect))
button_label = _("Recover")
else:
form = reset_password_form(
dict(email=data.email, recovery_key=data.recovery_key))
button_label = _("Set Password")
return "brave.core.account.template.recover", dict(
form=form, button_label=str(button_label))
