def reset_password(email):
"""
This endpoint can be used to rest a users password.
To do this a uniquecode is required.
"""
last_code = UniqueCode.last_code(email)
code = request.form.get("code", None)
if not (last_code == code):
return make_error(400, "Invalid code")
password = request.form.get("password", None)
if len(password) < 4:
return make_error(400, "Password should be at least 4 characters long")
user = User.find(email)
if user is None:
return make_error(400, "Email unknown")
user.update_password(password)
db_session.commit()
# Delete all the codes for this user
for x in UniqueCode.all_codes_for(email):
db_session.delete(x)
db_session.commit()
return "OK"
def setUp(self):
app.testing = True
self.app = app.test_client()
with app.test_request_context():
create_minimal_test_db(zeeguu.db)
self.session = self.get_session()
self.user = User.find(TEST_EMAIL)
def test_password_hash(self):
p1 = "test"
p2 = "pass"
user = User.find("*****@*****.**")
hash1 = util.password_hash(p1,user.password_salt)
hash2 = util.password_hash(p2, user.password_salt)
assert hash1 != hash2
assert user.authorize("*****@*****.**", "pass") != None
def test_password_hash(self):
p1 = "test"
p2 = "pass"
user = User.find("*****@*****.**")
hash1 = util.password_hash(p1,user.password_salt)
hash2 = util.password_hash(p2, user.password_salt)
assert hash1 != hash2
assert user.authorize("*****@*****.**", "pass") != None
