def reset_password(data=None): if data is not None: try: name = unserialize(data, max_age=1800) except (BadTimeSignature, SignatureExpired): return render_template("reset_password.html", errors=["Your link has expired"]) except (BadSignature, TypeError, base64.binascii.Error): return render_template("reset_password.html", errors=["Your reset token is invalid"]) if request.method == "GET": return render_template("reset_password.html", mode="set") if request.method == "POST": user = Users.query.filter_by(name=name).first_or_404() user.password = request.form["password"].strip() db.session.commit() log( "logins", format="[{date}] {ip} - successful password reset for {name}", name=name, ) db.session.close() return redirect(url_for("auth.login")) if request.method == "POST": email_address = request.form["email"].strip() team = Users.query.filter_by(email=email_address).first() get_errors() if config.can_send_mail() is False: return render_template( "reset_password.html", errors=[ "Email could not be sent due to server misconfiguration" ], ) if not team: return render_template( "reset_password.html", errors=[ "If that account exists you will receive an email, please check your inbox" ], ) email.forgot_password(email_address, team.name) return render_template( "reset_password.html", errors=[ "If that account exists you will receive an email, please check your inbox" ], ) return render_template("reset_password.html")
def reset_password(data=None): if data is not None: try: name = unserialize(data, max_age=1800) except (BadTimeSignature, SignatureExpired): return render_template('reset_password.html', errors=['Your link has expired']) except (BadSignature, TypeError, base64.binascii.Error): return render_template('reset_password.html', errors=['Your reset token is invalid']) if request.method == "GET": return render_template('reset_password.html', mode='set') if request.method == "POST": team = Users.query.filter_by(name=name).first_or_404() team.password = bcrypt_sha256.encrypt( request.form['password'].strip()) db.session.commit() log('logins', format="[{date}] {ip} - successful password reset for {name}") db.session.close() return redirect(url_for('auth.login')) if request.method == 'POST': email_address = request.form['email'].strip() team = Users.query.filter_by(email=email_address).first() errors = get_errors() if config.can_send_mail() is False: return render_template( 'reset_password.html', errors=[ 'Email could not be sent due to server misconfiguration' ]) if not team: return render_template( 'reset_password.html', errors=[ 'If that account exists you will receive an email, please check your inbox' ]) email.forgot_password(email_address, team.name) return render_template( 'reset_password.html', errors=[ 'If that account exists you will receive an email, please check your inbox' ]) return render_template('reset_password.html')
def reset_password(data=None): if data is not None: try: name = unserialize(data, max_age=1800) except (BadTimeSignature, SignatureExpired): return render_template('reset_password.html', errors=['Votre lien a expiré']) except (BadSignature, TypeError, base64.binascii.Error): return render_template('reset_password.html', errors=['Votre token de réinitialisation est inalide']) if request.method == "GET": return render_template('reset_password.html', mode='set') if request.method == "POST": user = Users.query.filter_by(name=name).first_or_404() user.password = request.form['password'].strip() db.session.commit() log('logins', format="[{date}] {ip} - successful password reset for {name}", name=name) db.session.close() return redirect(url_for('auth.login')) if request.method == 'POST': email_address = request.form['email'].strip() team = Users.query.filter_by(email=email_address).first() errors = get_errors() if config.can_send_mail() is False: return render_template( 'reset_password.html', errors=['Le courriel n\'a pas pu être envoyé en raison d\'une erreur de configuration du serveur'] ) if not team: return render_template( 'reset_password.html', errors=['Si ce compte existe un courriel vous sera envoyé'] ) email.forgot_password(email_address, team.name) return render_template( 'reset_password.html', errors=['Si ce compte existe un courriel vous sera envoyé'] ) return render_template('reset_password.html')
def reset_password(data=None): if data is not None: try: email_address = unserialize(data, max_age=1800) except (BadTimeSignature, SignatureExpired): return render_template("reset_password.html", errors=["Your link has expired"]) except (BadSignature, TypeError, base64.binascii.Error): return render_template("reset_password.html", errors=["Your reset token is invalid"]) if request.method == "GET": return render_template("reset_password.html", mode="set") if request.method == "POST": password = request.form.get("password", "").strip() user = Users.query.filter_by(email=email_address).first_or_404() if user.oauth_id: return render_template( "reset_password.html", errors=[ "Your account was registered via an authentication provider and does not have an associated password. Please login via your authentication provider." ], ) pass_short = len(password) == 0 if pass_short: return render_template( "reset_password.html", errors=["Please pick a longer password"]) user.password = password db.session.commit() clear_user_session(user_id=user.id) log( "logins", format="[{date}] {ip} - successful password reset for {name}", name=user.name, ) db.session.close() email.password_change_alert(user.email) return redirect(url_for("auth.login")) if request.method == "POST": email_address = request.form["email"].strip() user = Users.query.filter_by(email=email_address).first() get_errors() if config.can_send_mail() is False: return render_template( "reset_password.html", errors=[ "Email could not be sent due to server misconfiguration" ], ) if not user: return render_template( "reset_password.html", errors=[ "If that account exists you will receive an email, please check your inbox" ], ) if user.oauth_id: return render_template( "reset_password.html", errors=[ "The email address associated with this account was registered via an authentication provider and does not have an associated password. Please login via your authentication provider." ], ) email.forgot_password(email_address) return render_template( "reset_password.html", errors=[ "If that account exists you will receive an email, please check your inbox" ], ) return render_template("reset_password.html")