def reset_password():
"""
POST method that sends password reset link
to the email address that is registered
in our system
:return: eather link sent to email or no correct
response
"""
if 'user_id' in session:
return json.dumps({'message':
'Logged user cannot reset password'}), 401
data = request.get_json()
email = data['email']
schema = UserSchema.reg_email
if not re.match(schema, email):
return json.dumps({'message': 'Email is invalid'}), 415
user = User.query.filter(User.email == email).first()
if not user:
return json.dumps({'message': f'Email {email} not found'}), 404
token = generate_confirmation_token(user.email)
subject = "Password reset requested"
recover_url = url_for(
'index', _external=True) + \
'reset_password_confirm/' + \
token.decode('utf-8')
html = f'Reset Password link {recover_url}'
send_email(user.email, subject, html)
return json.dumps(
{'message': f'reset password link sent to email {email}'}), 201
def post(self):
url = request.host_url + 'reset/'
try:
body = request.get_json()
reset_token = body.get('reset_token')
password = body.get('password')
if not reset_token or not password:
raise SchemaValidationError
user_id = decode_token(reset_token)['identity']
user = User.objects.get(id=user_id)
user.modify(password=password)
user.hash_password()
user.save()
return send_email('[Movie-bag] Password reset successful',
sender='*****@*****.**',
recipients=[user.email],
text_body='Password reset was successful',
html_body='<p>Password reset was successful</p>')
except SchemaValidationError:
raise SchemaValidationError
# except ExpiredSignatureError:
# raise ExpiredTokenError
except (DecodeError, InvalidTokenError):
raise BadTokenError
except Exception as e:
raise InternalServerError
def post(self):
url = request.host_url + 'reset/'
try:
body = request.get_json()
email = body.get('email')
if not email:
raise SchemaValidationError
user = User.objects.get(email=email)
if not user:
raise EmailDoesnotExistsError
expires = datetime.timedelta(hours=24)
reset_token = create_access_token(str(user.id),
expires_delta=expires)
return send_email(
'[Movie-bag] Reset Your Password',
sender='*****@*****.**',
recipients=[user.email],
text_body=render_template('email/reset_password.txt',
url=url + reset_token),
html_body=render_template('email/reset_password.html',
url=url + reset_token))
except SchemaValidationError:
raise SchemaValidationError
except EmailDoesnotExistsError:
raise EmailDoesnotExistsError
except Exception as e:
raise InternalServerError
def send_templink(path, emails):
"""
Function generate token and send link to user email.
:param path: path to file
:param emails: list of emails of recepients
:return: status
"""
token = generate_confirmation_token(path)
subject = "Your file has been processed!"
recover_url = url_for(
'index', _external=True) + \
'api/temp_link/' + \
token.decode('utf-8')
html = f'Your file has been processed successfully. \
Please download it from link {recover_url}'
send_email(emails, subject, html)
return 'Link sent'
def reset_request():
"""
POST method that sends password reset link
to the email address that is registered
in our system
:return: eather link sent to email or no correct
response
"""
ttl = 60 * 60
if 'user_id' in session:
return jsonify({
'message': 'Logged user cannot reset password'
}), Status.HTTP_401_UNAUTHORIZED
data = request.get_json()
email = data['email']
schema = UserSchema.reg_email
if not re.match(schema, email):
return jsonify({
'message': 'Email is invalid'
}), Status.HTTP_415_UNSUPPORTED_MEDIA_TYPE
user = DataBaseManager.get_user_by_email(email)
if not user:
return jsonify({
'message': f'Email {email} not found'
}), Status.HTTP_404_NOT_FOUND
token = generate_confirmation_token(user.email)
subject = "Password reset requested"
recover_url = url_for(
'index', _external=True) + \
'reset_password_confirm/' + \
token.decode('utf-8')
html = f'Reset Password link {recover_url}'
send_email(user.email, subject, html)
REDIS.set(token, True, ex=ttl)
return jsonify({
'message': f'reset password link sent to email {email}'
}), Status.HTTP_201_CREATED
def register():
"""
POST methods for registration
:return: Registered user or
incorrect responses
"""
data = request.get_json()
email = data['email']
password = data['password']
user = User.query.filter(User.email == email).first()
if user:
if user.confirmed:
return json.dumps({'message':
f'email: {email} already exist'}), 401
if not user:
user = User.create(email, password)
password = check_password_hash(pwhash=user.password,
password=data['password'])
if not password:
return json.dumps({
'message':
'You entered incorrect password please reset your password'
}), 400
token = generate_confirmation_token(user.email)
confirm_url = url_for('index',
_external=True) + 'confirm/' + token.decode('utf-8')
html = f'Link: {confirm_url}'
subject = "Please confirm your email"
send_email(user.email, subject, html)
return json.dumps({
'message':
f'Please confirm registration and link sent to {user.email}'
}), 201
def register():
"""
POST methods for registration
:return: Registered user or
incorrect responses
"""
data = request.get_json()
email = data['email']
password = data['password']
user = DataBaseManager.get_user_by_email(email)
if user:
if user.confirmed:
return jsonify({
'message': f'email: {email} already exist'
}), Status.HTTP_401_UNAUTHORIZED
if not user:
user = User.create(email, password)
password = check_password_hash(pwhash=user.password, password=data['password'])
if not password:
return jsonify({
'message': 'You entered incorrect password please reset your password'
}), Status.HTTP_400_BAD_REQUEST
token = generate_confirmation_token(user.email)
confirm_url = url_for('index', _external=True) + 'confirm/' + token.decode('utf-8')
html = f'Link: {confirm_url}'
subject = "Please confirm your email"
send_email(user.email, subject, html)
return jsonify({
'message': f'Please confirm registration via email'
}), Status.HTTP_201_CREATED
def send_confirm_email(email, fullname, **kwargs):
confirm_token = encode_token(email, int(TOKEN_UPTIME))
active_link = SERVER_BASE_URL + 'register/confirm_email/' + confirm_token
msg_html = email_template.gen_confirm_email_body_template(fullname, email, active_link)
mail_service.send_email("uShop's email confirmation", email, msg_html)
