def forgot_password():
'''This function will generate a token once password reset request has been received. '''
userid=session.get('username')
if(userid!=None and userid!=''):
return redirect(url_for('showLandingPage'))#user is already logged in
con=None
try:
con = mysql.connect()
cursor = con.cursor()
form = RequestResetForm()
if form.validate_on_submit():
userDetails = request.form
res = cursor.execute("SELECT * from USERS WHERE Email = %s;",(userDetails['email']))
if int(res) > 0:
recipient = userDetails['email']
token = uuid.uuid4().hex#generate hexadecimal UUID
ts=datetime.datetime.now()
cursor.execute("INSERT INTO PASSWORD_RESET(Email,Token,Timestamp) VALUES (%s,%s,%s)",(recipient,token,ts))
con.commit()
msg = Message("Password Reset Request",
sender="",
recipients=[recipient])
msg.html = render_template('mail.html',token=token)
mail.send(msg)
app.logger.info('Password change request mail sent to {0}'.format(recipient))
flash("Mail Sent",'success')
else:
flash("User does not exist","danger")
except Exception:
app.logger.error('Error occurred in '+request.url)
app.logger.error(traceback.format_exc())
finally:
if(con!=None):
con.close()
return render_template('reset_request.html', title='Reset Password', form=form)
def forgot_password():
'''This function will generate a token once password reset request has been received. '''
con = mysql.connect()
cursor = con.cursor()
form = RequestResetForm()
if form.validate_on_submit():
userDetails = request.form
res = cursor.execute("SELECT * from USERS WHERE Email = %s;",
(userDetails['email']))
if int(res) > 0:
recipient = userDetails['email']
session['username'] = userDetails['email']
print("Generating token ")
token = ''.join(random.choice(lettersAndDigits) for i in range(8))
ts = datetime.datetime.now()
cursor.execute(
"INSERT INTO PASSWORD_RESET(Email,Token,Timestamp) VALUES (%s,%s,%s)",
(recipient, token, ts))
con.commit()
msg = Message("Password Reset Request",
sender="*****@*****.**",
recipients=[recipient])
msg.html = render_template('mail.html', token=token)
mail.send(msg)
print('Mail Sent')
flash("Mail Sent")
else:
flash("User doesnot exist", "danger")
con.close()
return render_template('reset_request.html',
title='Reset Password',
form=form)
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RequestResetForm()
if form.validate_on_submit():
student = Student.query.filter(
Student.email == form.email.data).first()
token = student.get_reset_token()
token_message = f'''
{url_for('reset_token',token=token,_external=True)} '''
# sending a mail for successful request for password
try:
send_email(student.email,
'Reset Request Password Form',
'/mail/reset_password',
token_message=token_message)
except Exception as e:
print(e)
pass
flash('An Email Has been sent to your ID ' + student.email, 'success')
return redirect(url_for('login'))
return render_template('reset_request.html',
title='Reset password',
form=form)
def request_reset():
form = RequestResetForm()
connection = get_connection()
cursor = get_cursor()
if form.validate_on_submit():
with connection:
with cursor:
cursor.execute("SELECT * FROM user_account WHERE email = %s",
(form.email.data, ))
row = cursor.fetchone()
if row['email'] is not None:
date_hash = hashlib.md5(str(
row['last_login']).encode()).hexdigest()
import smtplib
from email.mime.text import MIMEText
message = MIMEText("""You've requested a password change! Head over to %s""" % \
(request.host + url_for("auth.reset_verify", uid=row['id'], date_hash=date_hash)))
message['Subject'] = "Password reset request"
message['From'] = "*****@*****.**"
message['To'] = row['email']
smtp = smtplib.SMTP(host="127.0.0.1", port=8080)
smtp.sendmail("*****@*****.**", row['email'],
message.as_string())
current_app.logger.info(message)
return render_template("auth/request_reset.html",
hash=date_hash)
return render_template("auth/request_reset.html", form=form)
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('signup'))
form = RequestResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
flash('An email has been sent to reset your password', 'info')
return redirect(url_for('login'))
return render_template('request_reset.html', form=form)
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RequestResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
flash("An email has been send with instructions to reset", 'info')
return redirect(url_for('login'))
return render_template('reset_request.html',
title='Reset Password',
form=form)
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('data', path=path))
form = RequestResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
flash(
"Reset link has been sent in an email and will expire in 15 mins")
return redirect(url_for('login'))
return render_template('reset_request.html',
title='Reset Password',
form=form)
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('admin'))
form = RequestResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
flash('An email send by the instruction to reset your password',
'__info__')
return (redirect(url_for('admin')))
return render_template('customer/reset_request.html',
title='Reset Password',
form=form)
def request_reset():
if session.get('email'):
return redirect(url_for('index'))
form = RequestResetForm()
if form.validate_on_submit():
user_b = get_user_by_email(form.email.data)
token = user_b.get_reset_token()
msg = Message('Password reset request',
sender='*****@*****.**',
recipients=[user_b.email])
msg.body = f'Click on this link to reset the password\n{url_for("reset_token", token=token, _external=True)}'
mail.send(msg)
return redirect(url_for('login'))
return render_template('reset_request.html', form=form)
def reset_request():
if 'name' in session:
return redirect(url_for('home'))
form = RequestResetForm()
if form.validate_on_submit():
for id in db1:
b = db1.get(id)
if (form.email.data == b['email']):
send_reset_email(b['email'])
flash(
'An email has been sent with instructions to reset your password.',
'info')
return redirect(url_for('login'))
return render_template('reset_request.html',
title='Reset Password',
form=form)
def reset_request():
if current_user.is_authenticated:
if session['company']:
return redirect(url_for('companypage'))
else:
return redirect(url_for('userpage'))
form = RequestResetForm()
if form.validate_on_submit():
user = Person.query.filter_by(email=form.email.data).first()
if user is None:
user = Company.query.filter_by(email=form.email.data).first()
if user is None:
return redirect(url_for('signuptype'))
send_reset_email(user)
flash('An email has been sent with instruction to reset your password',
'info')
return redirect(url_for('login'))
return render_template('reset_request.html',
title="Reset Password",
formpage=form)
def reset_request():
form = RequestResetForm()
if request.method == 'GET':
return render_template('reset_request.html', title='Reset Password', form=form)
else:
email = form.email.data
response = table.get_item(Key={'email': email})
if response:
try:
user_email = response['Item']['email']
session['email'] = user_email
SendgridService.send_email(user_email)
flash('An email has been sent with instructions to reset your password.', 'info')
return redirect('/Prod/login')
except:
flash('Incorrect email', 'danger')
return render_template('reset_request.html', title='Reset Password', form=form)