Exemplo n.º 1
0
def reset():
    form=ResetForm(request.form)
    if request.method == 'GET':
        id=int(request.args.get('id'))
        key=int(request.args.get('key'))
        if CheckRequest(id,key)==0:
            flash('The Request is invalid or expired.Please try again.')
            return redirect(url_for('login')) 
        resp = make_response(render_template('reset.html',form=form))
        resp.set_cookie('email',get_email(id))
        return resp
    
    if request.method == 'POST' and form.validate():
        S=BotCheck(request.form.get('g-recaptcha-response'))
        user=User.query.get(request.cookies.get('email'))
    	
    	if user is None:
    		flash("Entered Email ID is not registered with us.")
    		return render_template('register.html', form=form)
    	
    	if S==False:
    		flash('Invalid Bot Captcha,Please reuse the link.')
    		return redirect(url_for('login')) 
        user.password= form.confirm.data
        db.session.add(user)
        db.session.commit()
        flash('Password changed ,now you can login with you new password')
        return redirect(url_for('login'))
Exemplo n.º 2
0
def reset():
    if current_user.is_authenticated:
        return redirect(url_for('/'))
    form = ResetForm()
    if form.validate_on_submit():
        if not models.User.query.filter_by(
                email=form.email.data.lower()).first():
            flash("User with email you entered not found!")
            return redirect(url_for('reset'))
        else:
            new_password = getrandompassword()
            curr = db.session.query(
                models.User).filter_by(email=form.email.data.lower()).first()
            curr.password = generate_password_hash(new_password,
                                                   method='sha256')
            db.session.commit()

            msg = Message('Password reset',
                          sender='*****@*****.**',
                          recipients=[form.email.data])
            msg.html = 'Your new password is <b>{}</b>, you can change it in account settings'.format(
                new_password)
            mail.send(msg)

            flash("Check your email for further instructions")
            return redirect(url_for('reset'))

    return render_template('reset.html', form=form)
Exemplo n.º 3
0
def reset(request):
    if request.method == 'POST':  # if form submitted...
        form = ResetForm(request.POST)
        if form.is_valid():
            username = form.cleaned_data.get("username")
            user = User.objects.get(username__exact=username)
            newpass = User.objects.make_random_password(length=8)
            user.set_password(newpass)
            user.save()
            if request.is_secure():
                prefix = 'https://'
            else:
                prefix = 'http://'
            # TODO - better way to manage email message content
            send_mail(
                'OppiaMobile: Password reset',
                'Here is your new password for OppiaMobile: ' + newpass +
                '\n\nWhen you next log in you can update your password to something more memorable.'
                + '\n\n' + prefix + request.META['SERVER_NAME'],
                settings.SERVER_EMAIL, [user.email],
                fail_silently=False)
            return HttpResponseRedirect('sent')
    else:
        form = ResetForm()  # An unbound form

    return render(request, 'oppia/profile/reset.html', {
        'form': form,
    })
Exemplo n.º 4
0
def login():
    if current_user.is_authenticated:
        return redirect('/')

    form = LoginForm()
    form1 = ResetForm()

    if form.validate_on_submit():
        user = db.session.query(models.User).filter_by(email=(form.email.data).lower()).first()
        if user:
            if check_password_hash(user.password, form.password.data):
                login_user(user, remember=form.remember.data)
                return redirect('/')

        flash("Invalid email or/and password!")
        return redirect(url_for('login'))

    if form1.validate_on_submit():
        if not db.session.query(models.User).filter_by(email=form1.email.data.lower()).first():
            flash("User with email you entered not found!")
            return redirect(url_for('login'))
        else:
            new_password = getrandompassword()
            curr = db.session.query(models.User).filter_by(email=form1.email.data.lower()).first()
            curr.password = generate_password_hash(new_password, method='sha256')
            db.session.commit()

            msg = Message('Password reset', sender='*****@*****.**', recipients=[form1.email.data])
            msg.html = 'Your new password is <b>{}</b>, you can change it in account settings'.format(new_password)
            Thread(target=send_async_email, args=(app, msg)).start()

            flash('Check your email for further instructions')
            return redirect(url_for('login'))

    return render_template("login.html", form=form, form1=form1)
Exemplo n.º 5
0
def forgot():
    form = ResetForm()
    if (form.validate_on_submit()):
        user = User.query.filter_by(email=str(form.email.data)).first()
        forgotpassword(user)
        flash('Email sent', 'info ')
        return redirect(url_for('login'))

    return render_template('forgot.html', title='forgot', form=form)
Exemplo n.º 6
0
def resetpasswd():
    form = ResetForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and user.username==form.username.data:
            hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
            user.password = hashed_password
            db.session.commit()
            return redirect('signin')
        else:
            flash('Authentication failed: username does not match email','danger')
    return render_template('forget.html', title="ResetPasswd", form=form)
Exemplo n.º 7
0
def reset_password(request, key):
	if request.method == 'GET':
		form = ResetForm()
	elif request.method == 'POST':
		form = ResetForm(request.POST)
		if form.is_valid():
			form.save(key)
			resp = render_to_string('forms/reset_password_form.html', {'form' : form}, context(request))
			return HttpResponse(resp)
		else:
			resp = render_to_string('forms/reset_password_form.html', {'form' : form}, context(request))
			return HttpResponseForbidden(resp)
	return render_to_response('reset.html', {'form' : form}, context(request))
Exemplo n.º 8
0
def resetpass():
    if(not session.get('phone')):
        return redirect(url_for('login'))

    form= ResetForm()
    if request.method == 'POST':
        ootp = form.data['otp']
        if ootp == session['otp']:
            if(session.get('log-in')=='reg'):

                conn.commit()
                session.pop('log-in', None)
                session.pop('phone', None)

                return redirect(url_for('login'))




            return redirect(url_for('newpass'))
        else:

            flash('INVALID OTP', 'danger')
            return redirect(url_for('resetpass'))


    otp1 = str(random.randrange(100000, 999999))
    print(otp1)
    URL = 'https://www.way2sms.com/api/v1/sendCampaign'
    session['otp']=otp1
    phone=session['phone']

    #resp=sms.sendPostRequest(URL, 'C23FTIDPYUYZVP7UV238S0QC1POBFWMR', 'N1AY9Q2S52NHUADE', 'stage', phone, '9781396442', f"Your OTP (One Time Password) to change your password is: {otp1} Do not share this with anyone!   Team college+")
    #print(resp.text)
    return render_template('verifyotp.html',form=form)
Exemplo n.º 9
0
def passwordreset_request():

    form = ResetForm()

    if request.method == "GET":
        return render_template('passwordreset.html', form=form)

    elif request.method == "POST":
        email = form.email.data.lower().strip()
        user = User.query.filter_by(email=email).first()
        if user is None:
            return redirect(url_for('passwordreset', id='noemail'))
        first_name = user.first_name

        email_verify_code = str(uuid.uuid1()).replace("-", "") + str(
            uuid.uuid1()).replace("-", "")
        confirmurl = "http://localhost:5000/reset/" + \
                    email_verify_code
        session['emailreset'] = email

        email_user_password_reset(email, confirmurl, first_name)
        #return email + confirmurl + first_name

        # "success meet requirements"
        return redirect(url_for('login', id='emailsent'))

    return redirect(url_for('passwordreset', id='failed'))
Exemplo n.º 10
0
def reset_user_password():
    form = ResetForm()
    if form.validate_on_submit():
        form = ResetForm()
        user_exist = User.query.filter_by(
            user_first_name=form.user_first_name.data).first()
        if user_exist and user_exist.user_second_name == form.user_second_name.data and user_exist.user_email == form.user_email.data:
            user_exist.user_password = form.new_password.data
            db.session.commit()
            flash(message="password successful changed for {}".format(
                form.user_first_name.data))
            return redirect(url_for('login'))
        else:
            flash(message="your first name,second name or email doesn't exist")
            return redirect(url_for('reset_user_password'))

    return render_template('reset_password.html', form=form)
Exemplo n.º 11
0
def reset_password(request):
    if request.method=="POST":
        form=ResetForm(request.POST)
        if form.is_valid():
            username=form.cleaned_data['username']
            user=User.objects.get(username=username)
            print user
            user.set_password(str(form.cleaned_data['password']))
            user.save()
            return HttpResponseRedirect('/foodline/login/')
        else:
            reg_form=form
            return render_to_response('re_password.html',locals())
    else:
        form=ResetForm()
        state="Please enter your new password"
        return render_to_response('re_password.html',locals())
Exemplo n.º 12
0
def render_reset_page():
    form = ResetForm()
    if form.validate_on_submit():
        authCode = form.authCode.data
        password = form.password.data
        matricID = form.matricID.data

        query = "SELECT * FROM student WHERE matric_no = '{}'".format(matricID)
        exists_students = db.session.execute(query).fetchone()
        if not exists_students:
            form.matricID.errors.append(
                "{} is not a valid matricID.".format(matricID))
        else:
            if not authCode:
                query = "UPDATE student SET authCode = f_random_str(10) WHERE matric_no = '{}'".format(
                    matricID)
                print(query)
                db.session.execute(query)
                db.session.commit()
                query = "SELECT authcode FROM student WHERE matric_no = '{}'".format(
                    matricID)
                auth_code = db.session.execute(query).fetchone()[0]
                query = "SELECT nusnetid FROM studentinfo WHERE matric_no = '{}'".format(
                    matricID)
                email = db.session.execute(query).fetchone()[0] + "@u.nus.edu"
                print(auth_code, email)
                send_mail(email, auth_code, matricID)
                form.authCode.errors.append(
                    "authCode has been sent to your email, please check.")
            else:
                query = "SELECT authcode FROM student WHERE matric_no = '{}'".format(
                    matricID)
                print(query)
                correct_authCode = db.session.execute(query).fetchone()[0]
                if authCode == correct_authCode:
                    query = "UPDATE users SET password = '******' WHERE uname = (SELECT uname FROM student WHERE matric_no = '{}')".format(
                        password, matricID)
                    db.session.execute(query)
                    query = "UPDATE student SET authCode = f_random_str(10) WHERE matric_no = '{}'".format(
                        matricID)
                    db.session.execute(query)
                    db.session.commit()
                    return "<meta http-equiv=\"refresh\" content=\"3;url = /login\" />password-changing successful, you will be redirected to login page in three seconds!"
                else:
                    form.authCode.errors.append("authcode is invalid")
    return render_template("reset.html", form=form)
Exemplo n.º 13
0
def reset(request):
    if request.method == 'POST': # if form submitted...
        form = ResetForm(request.POST)
        if form.is_valid():
            username = form.cleaned_data.get("username")
            user = User.objects.get(username__exact=username)
            newpass = User.objects.make_random_password(length=8)
            user.set_password(newpass)
            user.save()
            # TODO - better way to manage email message content
            send_mail('mQuiz: Password reset', 'Here is your new password for mQuiz: '+newpass 
                      + '\n\nWhen you next log in you can update your password to something more memorable.' 
                      + '\n\nhttp://mquiz.org', 
                      settings.SERVER_EMAIL, [user.email], fail_silently=False)
            return HttpResponseRedirect('sent')
    else:
        form = ResetForm() # An unbound form

    return render(request, 'mquiz/profile/reset.html', {'form': form,})
Exemplo n.º 14
0
def login(request):
    otherVars = {}
#     print resolve(request.path_info).url_name
    otherVars['pageType'] = 'login'
    if request.user.is_authenticated():
        return HttpResponseRedirect(reverse('patientView'))

    # If the form has been submitted...
    if request.method == 'POST':
        if '_login' in request.POST:
            # A form bound to the POST data
            formLogin = LoginForm(None, request.POST)
            formReset = ResetForm()
            # input validation for login form
            if formLogin.is_valid():

                auth.login(request, formLogin.get_user())
                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()
                if formLogin.cleaned_data['rememberuser'] == True:
                    request.session.set_expiry(datetime.utcnow().replace(tzinfo=utc) + timedelta(days=10))
                else:
                    request.session.set_expiry(0)

                return HttpResponseRedirect(reverse('patientView'))
            otherVars['loginActive'] = 'Y'

        if '_reset' in request.POST:
            formReset = ResetForm(request.POST)
            formLogin = LoginForm()
    else:
        # An unbound form
        formLogin = LoginForm(request)
        formReset = ResetForm()
        otherVars['loginActive'] = 'Y'

    request.session.set_test_cookie()
    return render(request, 'main/login.html', {
        'formLogin': formLogin,
        'formReset': formReset,
        'otherVars': otherVars,
        })
Exemplo n.º 15
0
def reset(reset_key):
    user = get_user_by_reset_key(reset_key)
    if user is None:
        flash(_(u'Invalid password reset link'), 'error')
        return redirect(url_for('troikas'))
    resetform = ResetForm()
    reseterrors = []
    if resetform.validate_on_submit():
        user.password = hash_password(resetform.password.data)
        user.password_reset_key = None
        user.password_reset_expire = None
        session['email'] = user.email
        save_user(user)
        flash(_(u'Password reset successful, you were logged in'))
        return redirect(url_for('troikas'))
    if resetform.errors:
        for key, value in resetform.errors.items():
            reseterrors.append(key + ': ' + value[0])

    return render_template('reset.html', resetform=resetform, reseterrors=reseterrors)
Exemplo n.º 16
0
def reset():
    form = ResetForm()
    if form.validate_on_submit():
        if request.method == 'POST':
            global a
            results = request.form
            values = list(results.values())
            if values[1] == values[2]:
                cursor = connection1.cursor()
                update = ("UPDATE signin SET password =? where  empid ='" + a +
                          "'")
                hashed_password = bcrypt.generate_password_hash(
                    values[1]).decode('utf-8')
                values = [hashed_password]
                cursor.execute(update, values)
                connection1.commit()
                return redirect(url_for('login'))
            else:
                flash('Please enter same password in both fields', 'danger')
    return render_template('reset.html', form=form)
Exemplo n.º 17
0
def reset_password():
    form = ResetForm()
    connection = get_connection()
    cursor = get_cursor()
    if session['reset_ok'] and session[
            'reset_user_id'] is not None and form.validate_on_submit():
        with connection:
            with cursor:
                try:
                    cursor.execute(
                        "UPDATE user_account SET password = %s WHERE id = %s",
                        (generate_password_hash(
                            form.password.data), session['reset_user_id']))
                    flash("Reset successful!", 'success')
                    return redirect(url_for("auth.login"))
                except Exception as e:
                    error = "Something went wrong. Please try again later"
                    current_app.logger.error(e)
                    flash(error, 'error')

    return render_template("auth/password_reset.html", form=form)
Exemplo n.º 18
0
def reset():
    form = ResetForm()
    print(form.errors)

    if form.is_submitted():
        print("submitted")

    print(form.errors)
    print('Estoy acá1')
    # print(form.validate_on_submit())
    if form.validate_on_submit():
        print('Estoy acá2')
        return redirect(
                url_for(
                    'routes.output',
                    msg="<h4>Por el momento el sistema de recuperación de \
                    contraseña no esta implementado y no creo que \
                    lo este en por un tiempo largo</h4>"
                )
        )
    return render_template('auth/reset.html', form=form)
Exemplo n.º 19
0
def reset():
    form = ResetForm()
    if form.validate_on_submit():
        flash('Password is restored', 'success')
        return redirect(url_for('login'))
    return render_template('reset.html', title='Reset password', form=form)