示例#1
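def reset_password(request):
    """Let the holder of a valid reset token choose a new password.

    The token is read from the route's matchdict and looked up through
    ``ForgotPassword.getByToken``. An unknown token, or a request from a user
    who is already logged in, is redirected to the "home" route with a flash
    message. On a valid form submission the new password is hashed with
    bcrypt, the account is put back to ``User.NORMAL``, every ForgotPassword
    row for that user is deleted and the user is logged in.

    Returns:
        An ``HTTPFound`` redirect, or a dict with the rendered form, the
        user id and the page title for the template.
    """
    session = DBSession()
    token = request.matchdict["token"]

    forgotPassword = ForgotPassword.getByToken(token)
    if not forgotPassword:
        request.session.flash(_("Reset password token not found in database."))
        return HTTPFound(location=route_url("home", request))

    if request.logged_in:
        request.session.flash(_("You are already logged in and therefore cannot reset a password."))
        return HTTPFound(location=route_url("home", request))

    # NOTE(review): no expiry check on the token is visible in this view;
    # confirm that ForgotPassword.getByToken enforces a lifetime.

    # The account being reset is always the one the token row points at.
    user = User.getByID(forgotPassword.user.id)

    fs = None

    if 'submitted' in request.params:
        fs = ResetPasswordFieldSet().bind(User, session=session, data=request.params or None)
        if fs.validate():
            # Security: the account must come from the token, never from the
            # posted "user_id" field. Loading the user from request.params
            # would let the holder of any valid token change the password of
            # whichever account id is submitted with the form.
            user.password = bcrypt.hashpw(fs.password1.value, bcrypt.gensalt())
            user.user_type = User.NORMAL
            session.add(user)
            session.flush()

            # Drop every outstanding reset token for this user so that the
            # link cannot be used a second time.
            session.query(ForgotPassword).filter(ForgotPassword.user_id == user.id).delete()

            request.session["username"] = user.username
            headers = remember(request, user.id)
            request.session.flash(_("You have successfully updated your password!"))
            return HTTPFound(location=route_url("home", request), headers=headers)

    if fs is None:
        fs = ResetPasswordFieldSet().bind(User, session=session)
    form = fs.render()
    return dict(form=form, user_id=user.id, title=_("Forgot your password?"))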
示例#2
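def forgot_password(request):
    """Issue a password-reset token and e-mail the reset link to the user.

    A logged-in user is redirected to the "home" route. On form submission
    the username and e-mail are checked with ``User.checkEmail``; when they
    match, a ForgotPassword row holding a fresh token is stored, the account
    is marked ``User.FORGOT_PASSWORD`` and the link is sent through the SMTP
    server on localhost.

    Returns:
        An ``HTTPFound`` redirect, or a dict with the rendered form and the
        page title for the template.
    """
    session = DBSession()

    if request.logged_in:
        request.session.flash(_("You are already logged in and therefore cannot request a new password."))
        return HTTPFound(location=route_url("home", request))

    fs = None

    if 'submitted' in request.params:
        fs = ForgotPasswordFieldSet().bind(User, session=session, data=request.params or None)
        # NOTE(review): fs.validate() is never called in this view; the
        # submitted values are only checked through User.checkEmail, and
        # fs.email.value is later written into the mail headers.
        valid_user = User.checkEmail(fs.username.value, fs.email.value)

        if not valid_user:
            # NOTE(review): this branch answers differently from the success
            # path, so a caller can tell whether a username/e-mail pair
            # exists. Consider showing the same message in both cases.
            request.session.flash(_("E-mail and password combination do not match."))
            return HTTPFound(location=route_url("home", request))

        # The token is the only secret protecting the reset link, so it must
        # come from the operating system's CSPRNG. The current time plus the
        # output of the `random` module is guessable. Hashing keeps the
        # 64-character hex format of the stored token.
        import os
        token = hashlib.sha256(os.urandom(32)).hexdigest()

        fp = ForgotPassword(token=token)
        fp.user_id = valid_user.id
        session.add(fp)

        valid_user.user_type = User.FORGOT_PASSWORD
        session.add(valid_user)

        # Import smtplib for the actual sending function
        import smtplib

        # Import the email modules we'll need
        from email.mime.text import MIMEText

        # NOTE(review): the link uses plain http and a hard-coded host; if
        # the site is served over HTTPS the link should use it, so that the
        # token is not exposed in transit.
        text = """Please go to the following link to reset your password:

http://fluidnexus.net/reset_password/%s

If you have any questions please reply to this e-mail.

Best,

fluidnexus.net""" % token
        msg = MIMEText(text)
        msg["Subject"] = "Forgotten password for %s" % (fs.email.value)
        msg["From"] = "*****@*****.**"
        msg["To"] = fs.email.value
        s = smtplib.SMTP("localhost")
        try:
            s.sendmail("*****@*****.**", [fs.email.value], msg.as_string())
        finally:
            # Close the SMTP connection even when sending fails.
            s.quit()

        request.session.flash(_("Please check your e-mail for the link to reset your password."))
        return HTTPFound(location=route_url("home", request))

    if fs is None:
        fs = ForgotPasswordFieldSet().bind(User, session=session)
    form = fs.render()
    return dict(form=form, title=_("Forgot your password?"))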