def reset_password(data=None):
if data is not None:
try:
name = unserialize(data, max_age=1800)
except (BadTimeSignature, SignatureExpired):
return render_template("reset_password.html",
errors=["Your link has expired"])
except (BadSignature, TypeError, base64.binascii.Error):
return render_template("reset_password.html",
errors=["Your reset token is invalid"])
if request.method == "GET":
return render_template("reset_password.html", mode="set")
if request.method == "POST":
user = Users.query.filter_by(name=name).first_or_404()
user.password = request.form["password"].strip()
db.session.commit()
log(
"logins",
format="[{date}] {ip} - successful password reset for {name}",
name=name,
)
db.session.close()
return redirect(url_for("auth.login"))
if request.method == "POST":
email_address = request.form["email"].strip()
team = Users.query.filter_by(email=email_address).first()
get_errors()
if config.can_send_mail() is False:
return render_template(
"reset_password.html",
errors=[
"Email could not be sent due to server misconfiguration"
],
)
if not team:
return render_template(
"reset_password.html",
errors=[
"If that account exists you will receive an email, please check your inbox"
],
)
email.forgot_password(email_address, team.name)
return render_template(
"reset_password.html",
errors=[
"If that account exists you will receive an email, please check your inbox"
],
)
return render_template("reset_password.html")
def reset_password(data=None):
if data is not None:
try:
name = unserialize(data, max_age=1800)
except (BadTimeSignature, SignatureExpired):
return render_template('reset_password.html',
errors=['Your link has expired'])
except (BadSignature, TypeError, base64.binascii.Error):
return render_template('reset_password.html',
errors=['Your reset token is invalid'])
if request.method == "GET":
return render_template('reset_password.html', mode='set')
if request.method == "POST":
team = Users.query.filter_by(name=name).first_or_404()
team.password = bcrypt_sha256.encrypt(
request.form['password'].strip())
db.session.commit()
log('logins',
format="[{date}] {ip} - successful password reset for {name}")
db.session.close()
return redirect(url_for('auth.login'))
if request.method == 'POST':
email_address = request.form['email'].strip()
team = Users.query.filter_by(email=email_address).first()
errors = get_errors()
if config.can_send_mail() is False:
return render_template(
'reset_password.html',
errors=[
'Email could not be sent due to server misconfiguration'
])
if not team:
return render_template(
'reset_password.html',
errors=[
'If that account exists you will receive an email, please check your inbox'
])
email.forgot_password(email_address, team.name)
return render_template(
'reset_password.html',
errors=[
'If that account exists you will receive an email, please check your inbox'
])
return render_template('reset_password.html')
def reset_password(data=None):
if data is not None:
try:
name = unserialize(data, max_age=1800)
except (BadTimeSignature, SignatureExpired):
return render_template('reset_password.html', errors=['Votre lien a expiré'])
except (BadSignature, TypeError, base64.binascii.Error):
return render_template('reset_password.html', errors=['Votre token de réinitialisation est inalide'])
if request.method == "GET":
return render_template('reset_password.html', mode='set')
if request.method == "POST":
user = Users.query.filter_by(name=name).first_or_404()
user.password = request.form['password'].strip()
db.session.commit()
log('logins', format="[{date}] {ip} - successful password reset for {name}", name=name)
db.session.close()
return redirect(url_for('auth.login'))
if request.method == 'POST':
email_address = request.form['email'].strip()
team = Users.query.filter_by(email=email_address).first()
errors = get_errors()
if config.can_send_mail() is False:
return render_template(
'reset_password.html',
errors=['Le courriel n\'a pas pu être envoyé en raison d\'une erreur de configuration du serveur']
)
if not team:
return render_template(
'reset_password.html',
errors=['Si ce compte existe un courriel vous sera envoyé']
)
email.forgot_password(email_address, team.name)
return render_template(
'reset_password.html',
errors=['Si ce compte existe un courriel vous sera envoyé']
)
return render_template('reset_password.html')
def reset_password(data=None):
if data is not None:
try:
email_address = unserialize(data, max_age=1800)
except (BadTimeSignature, SignatureExpired):
return render_template("reset_password.html",
errors=["Your link has expired"])
except (BadSignature, TypeError, base64.binascii.Error):
return render_template("reset_password.html",
errors=["Your reset token is invalid"])
if request.method == "GET":
return render_template("reset_password.html", mode="set")
if request.method == "POST":
password = request.form.get("password", "").strip()
user = Users.query.filter_by(email=email_address).first_or_404()
if user.oauth_id:
return render_template(
"reset_password.html",
errors=[
"Your account was registered via an authentication provider and does not have an associated password. Please login via your authentication provider."
],
)
pass_short = len(password) == 0
if pass_short:
return render_template(
"reset_password.html",
errors=["Please pick a longer password"])
user.password = password
db.session.commit()
clear_user_session(user_id=user.id)
log(
"logins",
format="[{date}] {ip} - successful password reset for {name}",
name=user.name,
)
db.session.close()
email.password_change_alert(user.email)
return redirect(url_for("auth.login"))
if request.method == "POST":
email_address = request.form["email"].strip()
user = Users.query.filter_by(email=email_address).first()
get_errors()
if config.can_send_mail() is False:
return render_template(
"reset_password.html",
errors=[
"Email could not be sent due to server misconfiguration"
],
)
if not user:
return render_template(
"reset_password.html",
errors=[
"If that account exists you will receive an email, please check your inbox"
],
)
if user.oauth_id:
return render_template(
"reset_password.html",
errors=[
"The email address associated with this account was registered via an authentication provider and does not have an associated password. Please login via your authentication provider."
],
)
email.forgot_password(email_address)
return render_template(
"reset_password.html",
errors=[
"If that account exists you will receive an email, please check your inbox"
],
)
return render_template("reset_password.html")
