def reset_password(): """ Ask for a reset password link by email. --- tags: - Accounts responses: 200: description: fixme. """ email = request.args.get("email", None) if not email: abort(400) user = User.query.filter(User.email == email).first() if not user: abort(404) # generate a reset link prt = PasswordResetToken() prt.token = generate_random_token() prt.expires_at = None prt.user_id = user.id db.session.add(prt) db.session.commit() add_user_log(user.id, user.id, "user", "info", "Password reset token generated") # Send email token_link = f"https://{current_app.config['AP_DOMAIN']}/password-reset/{prt.token}" msg = Message(subject="Password reset", recipients=[user.email], sender=current_app.config["MAIL_DEFAULT_SENDER"]) _config = Config.query.first() if not _config: print("ERROR: cannot get instance Config from database") instance = {"name": None, "url": None} if _config: instance["name"] = _config.app_name instance["url"] = current_app.config["REEL2BITS_URL"] msg.body = render_template("email/password_reset.txt", token_link=token_link, user=user, instance=instance) msg.html = render_template("email/password_reset.html", token_link=token_link, user=user, instance=instance) err = None mail = current_app.extensions.get("mail") if not mail: err = "mail extension is none" else: try: mail.send(msg) except ConnectionRefusedError as e: # TODO: do something about that maybe print(f"Error sending mail: {e}") err = e except smtplib.SMTPRecipientsRefused as e: print(f"Error sending mail: {e}") err = e except smtplib.SMTPException as e: print(f"Error sending mail: {e}") err = e if err: add_log( "global", "ERROR", f"Error sending email for password reset user {user.id}: {err}" ) add_user_log(user.id, user.id, "user", "error", "An error occured while sending email") return jsonify({"status": "ok"}), 204