Exemplo n.º 1
    def update_password(self, user_id, password):
        """Store a freshly hashed password on the user identified by ``user_id``.

        The plain-text ``password`` goes through ``get_hash`` with the configured
        ``BCRYPT_GENSALT_WORK_FACTOR`` (12 when unset); only the result is patched
        onto the user, together with the configured ``LAST_UPDATED`` field.

        The method has no return statement; failures surface as exceptions:
        ``SuperdeskApiError.unauthorizedError`` when no user matches and
        ``UserInactiveError`` when ``is_user_active`` rejects the user.

        NOTE(review): no password-policy or caller-authorization check is visible
        in this method; presumably callers enforce both -- confirm.
        """
        account = self.find_one(req=None, _id=user_id)
        if not account:
            raise SuperdeskApiError.unauthorizedError('User not found')
        if not self.is_user_active(account):
            raise UserInactiveError()

        work_factor = app.config.get('BCRYPT_GENSALT_WORK_FACTOR', 12)
        changes = {'password': get_hash(password, work_factor)}
        stamp_field = app.config['LAST_UPDATED']
        changes[stamp_field] = utcnow()

        # A user still waiting for activation is activated by the same patch.
        if self.user_is_waiting_activation(account):
            changes.update(needs_activation=False)

        self.patch(user_id, updates=changes)
Exemplo n.º 2
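    def check_if_valid_token(self, token):
        """Return the active-token record matching ``token``.

        Args:
            token: token value supplied by the caller; handled as untrusted text.

        Returns:
            The document found in the ``active_tokens`` resource service.

        Raises:
            The error built by ``SuperdeskApiError.unauthorizedError`` when no
            record matches.

        NOTE(review): no expiry check is visible here; presumably the
        ``active_tokens`` resource only holds unexpired tokens -- confirm.
        """
        reset_request = superdesk.get_resource_service('active_tokens').find_one(req=None, token=token)
        if not reset_request:
            # %r with lazy logger arguments: control characters in the rejected
            # value are escaped, so it cannot split the entry into forged lines.
            logger.warning('Invalid token received: %r', token)
            raise SuperdeskApiError.unauthorizedError('Invalid token received')

        return reset_request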
Exemplo n.º 3
    def update_password(self, user_id, password):
        """Replace the stored password hash of the user ``user_id``.

        ``password`` is hashed by ``get_hash`` using the configured
        ``BCRYPT_GENSALT_WORK_FACTOR`` (default 12). The patch also records
        ``password_changed_on`` and the configured ``LAST_UPDATED`` field; each
        comes from its own ``utcnow()`` call, so the two values may differ slightly.

        Nothing is returned. ``SuperdeskApiError.unauthorizedError`` is raised for
        an unknown user and ``UserInactiveError`` for one that is not active.
        """
        user = self.find_one(req=None, _id=user_id)
        if not user:
            raise SuperdeskApiError.unauthorizedError("User not found")
        if not self.is_user_active(user):
            raise UserInactiveError()

        cost = app.config.get("BCRYPT_GENSALT_WORK_FACTOR", 12)
        patch_doc = {"password": get_hash(password, cost), "password_changed_on": utcnow()}
        touched_field = app.config["LAST_UPDATED"]
        patch_doc[touched_field] = utcnow()

        # Setting a password completes a pending activation.
        pending = self.user_is_waiting_activation(user)
        if pending:
            patch_doc["needs_activation"] = False

        self.patch(user_id, updates=patch_doc)
Exemplo n.º 4
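    def check_if_valid_token(self, token):
        """Fetch the ``active_tokens`` record for ``token`` or reject the call.

        Args:
            token: caller-supplied token value; not trusted.

        Returns:
            The record returned by the ``active_tokens`` resource service.

        Raises:
            The error built by ``SuperdeskApiError.unauthorizedError`` if the
            lookup finds nothing.
        """
        tokens_service = superdesk.get_resource_service("active_tokens")
        reset_request = tokens_service.find_one(req=None, token=token)
        if not reset_request:
            # Log the repr through logger arguments so newlines or other control
            # characters in the untrusted value stay escaped inside one log entry.
            logger.warning("Invalid token received: %r", token)
            raise SuperdeskApiError.unauthorizedError("Invalid token received")

        return reset_request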
Exemplo n.º 5
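    def reset_password(self, doc):
        """Set a new password for the user that owns the reset token in ``doc``.

        Args:
            doc: mapping read for ``'token'`` and ``'password'`` (presumably the
                request payload -- confirm against the caller).

        Returns:
            A one-element list with the ``_id`` of the token record that was used.

        Raises:
            The error built by ``SuperdeskApiError.unauthorizedError`` when the
            token matches no active token, or by
            ``SuperdeskApiError.forbiddenError`` when the token's user is missing
            or not active.
        """
        key = doc.get('token')
        password = doc.get('password')

        reset_request = superdesk.get_resource_service('active_tokens').find_one(req=None, token=key)
        if not reset_request:
            # %r with lazy logger arguments keeps control characters in the
            # untrusted value escaped, so it cannot forge extra log lines.
            logger.warning('Invalid token received: %r', key)
            raise SuperdeskApiError.unauthorizedError('Invalid token received')

        user_id = reset_request['user']
        user = superdesk.get_resource_service('users').find_one(req=None, _id=user_id)
        # The lookup may find no user for a still-active token; reject that case
        # like an inactive user instead of failing with AttributeError on None.
        if not user or not user.get('is_active'):
            logger.warning('Try to set password for an inactive user')
            raise SuperdeskApiError.forbiddenError('User not active')

        superdesk.get_resource_service('users').update_password(user_id, password)
        # Presumably invalidates every outstanding token for this address so the
        # one just used cannot be replayed -- confirm in remove_all_tokens_for_email.
        self.remove_all_tokens_for_email(reset_request['email'])
        # Presumably strips the token and password from doc -- confirm.
        self.remove_private_data(doc)
        return [reset_request['_id']]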
Exemplo n.º 6
    def update_password(self, user_id, password):
        """Hash ``password`` and patch it onto the user ``user_id``.

        The hash comes from ``get_hash`` with the ``BCRYPT_GENSALT_WORK_FACTOR``
        setting (12 if not configured). The configured ``LAST_UPDATED`` field is
        set to ``utcnow()`` in the same patch, and ``needs_activation`` is cleared
        for a user that is still waiting for activation.

        The method returns nothing. It raises
        ``SuperdeskApiError.unauthorizedError`` when the user is not found and
        ``UserInactiveError`` when the user is not active.
        """
        target = self.find_one(req=None, _id=user_id)

        if not target:
            raise SuperdeskApiError.unauthorizedError('User not found')

        if not self.is_user_active(target):
            raise UserInactiveError()

        # Only the hash is persisted; the plain text is not written to updates.
        hashed = get_hash(password, app.config.get('BCRYPT_GENSALT_WORK_FACTOR', 12))
        last_updated_field = app.config['LAST_UPDATED']
        updates = {
            'password': hashed,
            last_updated_field: utcnow(),
        }

        if self.user_is_waiting_activation(target):
            updates['needs_activation'] = False

        self.patch(user_id, updates=updates)
Exemplo n.º 7
 def authenticate(self):
     """Reject the request by raising ``SuperdeskApiError.unauthorizedError()``.

     NOTE(review): presumably surfaces as a 401 response with CORS headers
     through the application's error handling; not visible here -- confirm.
     """
     unauthorized = SuperdeskApiError.unauthorizedError()
     raise unauthorized
Exemplo n.º 8
 def authenticate(self):
     """Raise the error built by ``SuperdeskApiError.unauthorizedError()``.

     This method never returns a value. NOTE(review): the 401 status and CORS
     headers are presumably added when that error is rendered -- confirm.
     """
     error = SuperdeskApiError.unauthorizedError()
     raise error