def recover(request): form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create( user=form.cleaned_data['user']) if not password_hash.is_valid(): created = True password_hash.date_added = timezone.now() password_hash.set_hash() if not created: form.errors['__all__'] = [ 'A password reset was already attempted for this account within the last 24 hours.' ] if form.is_valid(): password_hash.send_recover_mail() return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None, captcha=bool(request.session.get('needs_captcha'))) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create( user=form.cleaned_data['user'] ) if not password_hash.is_valid(): password_hash.date_added = timezone.now() password_hash.set_hash() if form.is_valid(): password_hash.send_recover_mail() request.session.pop('needs_captcha', None) return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) elif request.POST and not request.session.get('needs_captcha'): request.session['needs_captcha'] = 1 form = RecoverPasswordForm(request.POST or None, captcha=True) form.errors.pop('captcha', None) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None, captcha=bool( request.session.get('needs_captcha'))) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create( user=form.cleaned_data['user']) if not password_hash.is_valid(): password_hash.date_added = timezone.now() password_hash.set_hash() if form.is_valid(): password_hash.send_recover_mail() request.session.pop('needs_captcha', None) return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) elif request.POST and not request.session.get('needs_captcha'): request.session['needs_captcha'] = 1 form = RecoverPasswordForm(request.POST or None, captcha=True) form.errors.pop('captcha', None) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create( user=form.cleaned_data['user'] ) if not password_hash.is_valid(): created = True password_hash.date_added = timezone.now() password_hash.set_hash() if not created: form.errors['__all__'] = ['A password reset was already attempted for this account within the last 24 hours.'] if form.is_valid(): password_hash.send_recover_mail() return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create(user=form.cleaned_data["user"]) if not password_hash.is_valid(): password_hash.date_added = timezone.now() password_hash.set_hash() if form.is_valid(): password_hash.send_recover_mail() return render_to_response("sentry/account/recover/sent.html", {"email": password_hash.user.email}, request) context = {"form": form} return render_to_response("sentry/account/recover/index.html", context, request)
def recover(request): from sentry.app import ratelimiter if request.method == 'POST' and ratelimiter.is_limited( 'accounts:recover:{}'.format(request.META['REMOTE_ADDR']), limit=5, window=60, # 5 per minute should be enough for anyone ): return HttpResponse( 'You have made too many password recovery attempts. Please try again later.', content_type='text/plain', status=429, ) form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash = send_password_recovery_mail(request, form.cleaned_data['user']) return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash, created = LostPasswordHash.objects.get_or_create( user=form.cleaned_data['user']) if not password_hash.is_valid(): password_hash.date_added = timezone.now() password_hash.set_hash() if form.is_valid(): password_hash.send_recover_mail() return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None) if form.is_valid(): password_hash = send_password_recovery_mail(form.cleaned_data['user']) return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)
def recover(request): from sentry.app import ratelimiter extra = { "ip_address": request.META["REMOTE_ADDR"], "user_agent": request.META.get("HTTP_USER_AGENT"), } if request.method == "POST" and ratelimiter.is_limited( "accounts:recover:{}".format(extra["ip_address"]), limit=5, window=60, # 5 per minute should be enough for anyone ): logger.warning("recover.rate-limited", extra=extra) return HttpResponse( "You have made too many password recovery attempts. Please try again later.", content_type="text/plain", status=429, ) prefill = {"user": request.GET.get("email")} form = RecoverPasswordForm(request.POST or None, initial=prefill) extra["user_recovered"] = form.data.get("user") if form.is_valid(): email = form.cleaned_data["user"] if email: password_hash = LostPasswordHash.for_user(email) password_hash.send_email(request) extra["passwordhash_id"] = password_hash.id extra["user_id"] = password_hash.user_id logger.info("recover.sent", extra=extra) context = {"email": email} return render_to_response(get_template("recover", "sent"), context, request) if form._errors: logger.warning("recover.error", extra=extra) context = {"form": form} return render_to_response(get_template("recover", "index"), context, request)
def recover(request): from sentry.app import ratelimiter extra = { 'ip_address': request.META['REMOTE_ADDR'], 'user_agent': request.META.get('HTTP_USER_AGENT'), } if request.method == 'POST' and ratelimiter.is_limited( u'accounts:recover:{}'.format(extra['ip_address']), limit=5, window=60, # 5 per minute should be enough for anyone ): logger.warning('recover.rate-limited', extra=extra) return HttpResponse( 'You have made too many password recovery attempts. Please try again later.', content_type='text/plain', status=429, ) prefill = {'user': request.GET.get('email')} form = RecoverPasswordForm(request.POST or None, initial=prefill) extra['user_recovered'] = form.data.get('user') if form.is_valid(): email = form.cleaned_data['user'] if email: password_hash = LostPasswordHash.for_user(email) password_hash.send_email(request) extra['passwordhash_id'] = password_hash.id extra['user_id'] = password_hash.user_id logger.info('recover.sent', extra=extra) tpl = 'sentry/account/recover/sent.html' context = {'email': email} return render_to_response(tpl, context, request) if form._errors: logger.warning('recover.error', extra=extra) tpl = 'sentry/account/recover/index.html' context = {'form': form} return render_to_response(tpl, context, request)
def recover(request): form = RecoverPasswordForm(request.POST or None, captcha=bool(request.session.get('needs_captcha'))) if form.is_valid(): password_hash = send_password_recovery_mail(form.cleaned_data['user']) request.session.pop('needs_captcha', None) return render_to_response('sentry/account/recover/sent.html', { 'email': password_hash.user.email, }, request) elif request.POST and not request.session.get('needs_captcha'): request.session['needs_captcha'] = 1 form = RecoverPasswordForm(request.POST or None, captcha=True) form.errors.pop('captcha', None) context = { 'form': form, } return render_to_response('sentry/account/recover/index.html', context, request)