def reset_password():
"""
Ask for a reset password link by email.
---
tags:
- Accounts
responses:
200:
description: fixme.
"""
email = request.args.get("email", None)
if not email:
abort(400)
user = User.query.filter(User.email == email).first()
if not user:
abort(404)
# generate a reset link
prt = PasswordResetToken()
prt.token = generate_random_token()
prt.expires_at = None
prt.user_id = user.id
db.session.add(prt)
db.session.commit()
add_user_log(user.id, user.id, "user", "info",
"Password reset token generated")
# Send email
token_link = f"https://{current_app.config['AP_DOMAIN']}/password-reset/{prt.token}"
msg = Message(subject="Password reset",
recipients=[user.email],
sender=current_app.config["MAIL_DEFAULT_SENDER"])
_config = Config.query.first()
if not _config:
print("ERROR: cannot get instance Config from database")
instance = {"name": None, "url": None}
if _config:
instance["name"] = _config.app_name
instance["url"] = current_app.config["REEL2BITS_URL"]
msg.body = render_template("email/password_reset.txt",
token_link=token_link,
user=user,
instance=instance)
msg.html = render_template("email/password_reset.html",
token_link=token_link,
user=user,
instance=instance)
err = None
mail = current_app.extensions.get("mail")
if not mail:
err = "mail extension is none"
else:
try:
mail.send(msg)
except ConnectionRefusedError as e:
# TODO: do something about that maybe
print(f"Error sending mail: {e}")
err = e
except smtplib.SMTPRecipientsRefused as e:
print(f"Error sending mail: {e}")
err = e
except smtplib.SMTPException as e:
print(f"Error sending mail: {e}")
err = e
if err:
add_log(
"global", "ERROR",
f"Error sending email for password reset user {user.id}: {err}"
)
add_user_log(user.id, user.id, "user", "error",
"An error occured while sending email")
return jsonify({"status": "ok"}), 204
