def reset_password(token): """ Method to allow a user to reset his/her password. """ form = forms.ResetPasswordForm() user_obj = pagure.lib.search_user(SESSION, token=token) if not user_obj: flask.flash('No user associated with this token.', 'error') return flask.redirect(flask.url_for('auth_login')) elif not user_obj.token: flask.flash( 'Invalid user, this user never asked for a password change', 'error') return flask.redirect(flask.url_for('auth_login')) if form.validate_on_submit(): user_obj.password = generate_hashed_value(form.password.data) user_obj.token = None SESSION.add(user_obj) try: SESSION.commit() flask.flash( 'Password changed') except SQLAlchemyError as err: # pragma: no cover SESSION.rollback() flask.flash('Could not set the new password.', 'error') APP.logger.debug( 'Password lost change - Error setting password.') APP.logger.exception(err) return flask.redirect(flask.url_for('auth_login')) return flask.render_template( 'login/password_reset.html', form=form, token=token, )
def reset_password(token): """ Method to allow a user to reset his/her password. """ form = forms.ResetPasswordForm() user_obj = pagure.lib.query.search_user(flask.g.session, token=token) if not user_obj: flask.flash("No user associated with this token.", "error") return flask.redirect(flask.url_for("auth_login")) elif not user_obj.token: flask.flash( "Invalid user, this user never asked for a password change", "error", ) return flask.redirect(flask.url_for("auth_login")) if form.validate_on_submit(): user_obj.password = generate_hashed_value(form.password.data) user_obj.token = None flask.g.session.add(user_obj) try: flask.g.session.commit() flask.flash("Password changed") except SQLAlchemyError: # pragma: no cover flask.g.session.rollback() flask.flash("Could not set the new password.", "error") _log.exception("Password lost change - Error setting password.") return flask.redirect(flask.url_for("auth_login")) return flask.render_template("login/password_reset.html", form=form, token=token)