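def reset_password(email):
    """
    Reset a user's password, authorised by a previously issued unique code.

    Reads ``code`` and ``password`` from the submitted form data. The code
    must match the value returned by ``UniqueCode.last_code(email)``. On
    success the password is updated and every unique code stored for this
    email is deleted, so a code cannot be used twice.

    Returns the string "OK" on success, otherwise the result of
    ``make_error(400, ...)`` describing what was rejected.
    """
    import hmac

    last_code = UniqueCode.last_code(email)
    code = request.form.get("code", None)

    # A missing or empty submitted code is never valid. Without this guard,
    # an absent form field (None) compared equal to a None last_code, which
    # would let the reset through with no code at all.
    # NOTE(review): assumes last_code() yields None when no code was issued
    # for this email -- confirm against UniqueCode.
    if not code or last_code is None:
        return make_error(400, "Invalid code")

    # Compare in constant time so response timing does not reveal how much
    # of a guessed code was correct.
    # NOTE(review): assumes last_code is the code string itself -- confirm.
    expected = str(last_code).encode("utf-8")
    if not hmac.compare_digest(expected, code.encode("utf-8")):
        return make_error(400, "Invalid code")

    password = request.form.get("password", None)
    # A missing password field used to raise TypeError in len(None);
    # treat it like a too-short password instead.
    # NOTE(review): a 4-character minimum is weak; it is kept because
    # clients may depend on the current limit and message.
    if password is None or len(password) < 4:
        return make_error(400, "Password should be at least 4 characters long")

    user = User.find(email)
    if user is None:
        return make_error(400, "Email unknown")

    user.update_password(password)

    # Invalidate all codes for this user in the same transaction as the
    # password change, so a failure between two commits cannot leave a
    # used code still valid.
    for stale_code in UniqueCode.all_codes_for(email):
        db_session.delete(stale_code)
    db_session.commit()

    # NOTE(review): no attempt limit or code expiry is visible in this
    # function -- confirm they are enforced elsewhere.
    return "OK"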
def setUp(self):
    """Prepare the Flask test client, a minimal test database and the test user."""
    # Put the application in testing mode before creating the client.
    app.testing = True
    client = app.test_client()
    self.app = client

    # NOTE(review): the original layout was collapsed onto one line, so the
    # extent of the `with` body is reconstructed; all three statements are
    # kept inside the request context -- confirm against the repository.
    with app.test_request_context():
        create_minimal_test_db(zeeguu.db)
        self.session = self.get_session()
        self.user = User.find(TEST_EMAIL)
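def test_password_hash(self):
    """Check that different passwords hash differently and that login works.

    Two different passwords hashed with the same user's salt must give
    different hashes, and authorizing with the password "pass" must
    return a non-None result.
    """
    email = "*****@*****.**"
    p1 = "test"
    p2 = "pass"

    user = User.find(email)
    hash1 = util.password_hash(p1, user.password_salt)
    hash2 = util.password_hash(p2, user.password_salt)
    assert hash1 != hash2

    # Identity comparison is the idiomatic None check and cannot be
    # affected by a custom __ne__ on the returned object.
    assert user.authorize(email, "pass") is not None
    # NOTE(review): only the successful login is covered; a companion
    # assertion that a wrong password is rejected would strengthen this
    # test once authorize()'s failure value is confirmed.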