def reset_pwd(request):
    """Change the requesting user's password after re-checking the old one.

    GET renders an empty form. POST validates the form, re-authenticates
    ``request.user`` with the submitted ``oldpassword`` and, only when that
    returns the same user, stores ``newpassword2`` as the new password.
    A wrong old password is reported as an error on the ``oldpassword`` field.
    """
    template = 'accounts/profile_reset_password.html'

    if request.method != 'POST':
        form = ResetPasswordForm()
    else:
        form = ResetPasswordForm(request.POST.copy())
        if form.is_valid():
            old_password = form.cleaned_data["oldpassword"]
            # Re-authentication gate: nothing is changed unless the old
            # password authenticates as the account making the request.
            authenticated = auth.authenticate(
                username=request.user.username, password=old_password)
            if authenticated == request.user:
                authenticated.set_password(form.cleaned_data["newpassword2"])
                authenticated.save()
                success_context = {
                    'form': form,
                    'sidebar_index': 'reset_pwd',
                    'reset_success': 'Y'
                }
                return render_to_response(
                    template, success_context,
                    context_instance=RequestContext(request))
            form.errors['oldpassword'] = ErrorList(["原密码错误"])

    return render_to_response(
        template,
        {'form': form, 'sidebar_index': 'reset_pwd'},
        context_instance=RequestContext(request))
def password_reset_done(request, pk):
    """Set a new password for the user whose pending reset record matches *pk*.

    Returns a plain "User does not exist." response when no
    ``UserResetPassword`` row exists for ``user_id=pk``. On a valid POST the
    new password is handed to ``utils.reset_password``; on an invalid form the
    template receives ``messages.PASSWORD_MISMATCH``.
    """
    response = ''
    success_message = ''

    # NOTE(review): the only gate visible in this view is that a reset record
    # exists for `pk`; no secret token is compared here. Confirm the URL
    # carries an unguessable value or that the check happens elsewhere.
    try:
        pending_reset = UserResetPassword.objects.get(user_id=pk)
    except UserResetPassword.DoesNotExist:
        return HttpResponse("User does not exist.")

    if request.method != 'POST':
        reset_password_form = ResetPasswordForm()
    else:
        reset_password_form = ResetPasswordForm(data=request.POST)
        if reset_password_form.is_valid():
            # The raw POST value is used rather than form.cleaned_data.
            success_message = utils.reset_password(
                pending_reset, request.POST['new_password'])
        else:
            # Details are available in reset_password_form.errors.
            response = messages.PASSWORD_MISMATCH

    context = {
        'form': reset_password_form,
        'response': response,
        'success_message': success_message
    }
    return render(request, 'reset_password.html', context)
def reset_password(request):
    """
    View for resetting a user's password

    On a valid POST a random 16-character password is generated, mailed to
    the address given in the form and then stored on the matching account.
    GET, or an invalid POST, renders the form.

    NOTE(review): the replacement password travels in the mail body and the
    account's current password is overwritten on an unauthenticated request.
    A single-use, expiring reset link would avoid both; confirm the form at
    least restricts who can trigger this.
    """
    if request.method != 'POST':
        form = ResetPasswordForm()
    else:
        form = ResetPasswordForm(request.POST)
        if form.is_valid():
            username = form.cleaned_data.get('username')
            email = form.cleaned_data.get('email')

            # Alphabet leaves out look-alike characters (i, l, o, I, O, 0, 1).
            new_password = User.objects.make_random_password(
                length=16,
                allowed_chars=
                'abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789')

            # Raises User.DoesNotExist unless the form already guarantees
            # the username/email pair exists.
            user = User.objects.get(username__exact=username,
                                    email__exact=email)

            # Build and send the mail before the password is changed, so a
            # failed send leaves the old password in place.
            mail_context = Context({
                'username': username,
                'new_password': new_password
            })
            text_content = get_template('mail/reset_password.txt').render(
                mail_context)
            html_content = get_template('mail/reset_password.haml').render(
                mail_context)

            message = EmailMultiAlternatives('Element43 password reset',
                                             text_content,
                                             settings.DEFAULT_FROM_EMAIL,
                                             [email])
            message.attach_alternative(html_content, "text/html")
            message.send()

            user.set_password(new_password)
            user.save()

            messages.info(
                request,
                'A new password has been sent to your e-mail address.')
            return HttpResponseRedirect(reverse('home'))

    rcontext = RequestContext(request, {})
    return render_to_response('reset_password.haml', {'form': form}, rcontext)
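def reset_password(request):
    """Issue a password-reset token for a user and mail the reset link.

    GET renders the form. Any other method looks the user up by username or
    e-mail (lower-cased and stripped). A user who already holds a token can
    only get a new one once an hour has passed since the stored timestamp;
    otherwise a fresh ``uuid4`` token is stored on the (possibly new) profile
    and the reset mail is sent.
    """
    if request.method == 'GET':
        form = ResetPasswordForm()
        return render(request, 'reset_password.html', {'form': form})

    form = ResetPasswordForm(request.POST)
    try:
        username_or_email = request.POST['username_or_email'].lower().strip()
        matches = User.objects.filter(
            username=username_or_email) | User.objects.filter(
                email=username_or_email)
        user = matches[0]
    except (KeyError, IndexError):
        # Missing field or no matching account. Only these two cases are
        # reported as "not found"; database errors are no longer swallowed.
        form.add_error("", "User not found")
        return render(request, 'reset_password.html', {'form': form})

    has_profile = hasattr(user, 'profile')

    # A token was already issued: enforce the one-hour cooldown.
    if has_profile and user.profile.password_reset_token is not None:
        elapsed = timezone.now() - user.profile.password_reset_token_expiration
        # total_seconds() counts whole days too; timedelta.seconds alone wraps
        # every 24 hours and would keep refusing a request made, for example,
        # one day and ten minutes after the previous one.
        if elapsed.total_seconds() >= 3600:
            user.profile.password_reset_token = uuid.uuid4()
            user.profile.password_reset_token_expiration = timezone.now()
            user.profile.save()
            send_reset_email(request, user)
            messages.success(request, 'Reset password email sent.')
            return redirect('main_index')

        # Wait one hour before asking for another reset token.
        form.add_error("", "The recover link has already been requested")
        return render(request, 'reset_password.html', {'form': form})

    if has_profile and user.profile.password_reset_token is None:
        # Update the existing profile.
        profile = user.profile
        add_new_profile = False
    else:
        # Create a new profile.
        profile = Profile()
        add_new_profile = True

    profile.password_reset_token = uuid.uuid4()
    profile.password_reset_token_expiration = timezone.now()
    if add_new_profile:
        user.profile = profile
    profile.save()
    user.save()

    send_reset_email(request, user)
    messages.success(request, 'Reset password email sent.')
    return redirect('main_index')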
def reset_password(request, template_name, extra_context=None):
    """Set a new password for the username submitted in the form.

    GET renders *template_name* with an empty form. A valid POST answers with
    an empty ``JSONResponse``; an invalid one with a ``JSONError`` built from
    the form errors. *extra_context* is accepted but not used.
    """
    if request.method != 'POST':
        return render_to_response(template_name, {'form': ResetPasswordForm()},
                                  context_instance=RequestContext(request))

    form = ResetPasswordForm(request.POST)
    if not form.is_valid():
        return JSONError(utils.dump_form_errors(form))

    # NOTE(review): the account is chosen by the submitted username and this
    # view performs no identity check of its own; confirm the form verifies
    # the caller (current password or reset token) before relying on it.
    account = User.objects.get(username=form.cleaned_data['username'])
    # NOTE(review): no save() follows set_password() here, so with a stock
    # Django user model the new hash would not be persisted. Verify intent.
    account.set_password(form.cleaned_data['new_password'])
    return JSONResponse({})
def password_reset(request):
    """Render the password-reset request form and handle its submission.

    A valid POST calls ``form.save()`` and shows the "done" page with the
    value it returned as ``email``. GET, or an invalid POST, shows the form.
    """
    if request.method != "POST":
        return direct_to_template(request, "account/password_reset.html", {
            "password_reset_form": ResetPasswordForm(),
        })

    password_reset_form = ResetPasswordForm(request.POST)
    if password_reset_form.is_valid():
        sent_to = password_reset_form.save()
        return direct_to_template(request,
                                  "account/password_reset_done.html",
                                  {"email": sent_to})

    # Invalid submission: show the bound form again with its errors.
    return direct_to_template(request, "account/password_reset.html", {
        "password_reset_form": password_reset_form,
    })
def reset_token(token):
    """Handle the link from a password-reset mail.

    Signed-in users are sent to ``admin``. An invalid or expired token
    redirects back to ``reset_request`` with a warning. Otherwise the form is
    rendered and, on a valid submit, a ``Register`` row is created from it.

    NOTE(review): the account resolved from the token is not used after the
    validity check; the submit branch inserts a new ``Register`` record and
    passes ``form.password.data`` through unchanged. Confirm that ``Register``
    hashes the password and that creating a row, rather than updating the
    token's user, is intended.
    """
    if current_user.is_authenticated:
        return redirect(url_for('admin'))

    if User.varify_reset_token(token) is None:
        flash('that is invalid or expired token ', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('customer/reset_token.html',
                               title='Reset Password',
                               form=form)

    new_record = Register(name=form.name.data,
                          username=form.username.data,
                          email=form.email.data,
                          password=form.password.data,
                          country=form.country.data,
                          city=form.city.data,
                          contact=form.contact.data,
                          address=form.address.data,
                          zipcode=form.zipcode.data)
    db.session.add(new_record)
    flash(f'Welcome {form.name.data} Thank you for registering', 'success')
    db.session.commit()
    return redirect(url_for('customerLogin'))
def reset():
    """Reset a password using the signed token from the ``token`` query arg.

    A missing token is a 404. An expired or badly signed token flashes a
    message, is logged, and redirects to ``main.index``. On a valid submit
    the password is changed, the change is logged with the user id, and the
    user is signed in and sent to ``dash.index``.
    """

    def _reject(flash_text, log_text):
        # Shared exit for tokens that fail verification.
        flash(flash_text, 'danger')
        log_message(log_text)
        return redirect(url_for('main.index'))

    token = request.args.get('token')
    if not token:
        log_message(f'no token attempted reset')
        abort(404)

    # SignatureExpired is handled before BadSignature so an expired token
    # gets its own message.
    try:
        user = User.deserialize(token)
    except SignatureExpired:
        return _reject('Expired Token', 'expired token reset attempt')
    except BadSignature:
        return _reject('Invalid token', 'bad signature reset attempt')

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset.html.j2', form=form)

    # Only the user id is logged, never the password or the token.
    log_message(f'user_id: {user.id} changed password')
    user.change_password(form.password.data)
    db.session.add(user)
    db.session.commit()
    flash('Password reset', 'success')
    login_user(user)
    return redirect(url_for('dash.index'))
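def reset_password():
    """Set a new password for the e-mail address carried in a signed token.

    POST with a valid form: the token is unsigned with ``SECRET_KEY``; a bad
    signature or an unknown e-mail renders ``reset_invalid_token.html``,
    otherwise the password is set and the user is signed in and redirected
    to ``/``. Any other request renders the form for the ``token`` query
    argument, or the invalid-token page when it is missing.
    """
    form = ResetPasswordForm(request.form)

    if request.method == "POST" and form.validate():
        signer = Signer(app.config['SECRET_KEY'])
        # NOTE(review): a plain Signer signature carries no timestamp, so a
        # link stays usable for as long as SECRET_KEY is unchanged. A
        # TimestampSigner with max_age would bound its lifetime.
        try:
            email = signer.unsign(form.token.data)
        except BadSignature:
            return render_template("reset_invalid_token.html")

        user = User.query.filter_by(email=email).first()
        if not user:
            return render_template("reset_invalid_token.html")

        # The debug print of user.password was removed: it wrote the stored
        # password value to stdout, where it ends up in server logs.
        # NOTE(review): no session commit is visible here; confirm that
        # set_password() persists the change.
        user.set_password(form.password.data)
        login_user(user)
        return redirect("/")

    token = request.args.get('token', None)
    if not token:
        return render_template("reset_invalid_token.html")
    return render_template("reset_password.html", form=form, token=token)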
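def resetpassword():
    """Change a user's password after checking the current one.

    GET renders ``modify.html``. A valid POST looks the user up by id and
    current password and, when a row matches, stores the new password.
    Every POST ends with a redirect to ``show_todo_list``.

    NOTE(review): the queries compare and store ``user_password`` as given,
    which implies passwords are kept unhashed in ``usertable``. Moving to a
    salted password hash needs a schema and data migration outside this view.
    """
    form = ResetPasswordForm()
    if request.method == 'GET':
        return render_template('modify.html', form=form)

    if not form.validate_on_submit():
        flash(form.errors)
        return redirect(url_for('show_todo_list'))

    # Form values are bound as query parameters instead of being formatted
    # into the SQL text, so they cannot change the statement's structure.
    # NOTE(review): '%s' placeholders assume a MySQL-style DB-API driver
    # behind g.db (the cursor-as-context-manager usage suggests one); confirm
    # the driver's paramstyle. The listing shows the password literals masked
    # as '******'; both values passed to format() are bound here.
    with g.db as cur:
        cur.execute(
            'select * from usertable where user_id=%s and user_password=%s',
            (form.user_id.data, form.user_password.data))
        infos = [dict(id=row[0]) for row in cur.fetchall()]
        if not infos:
            flash('Invalid!')
        else:
            with g.db as cur:
                cur.execute(
                    'update usertable set user_password=%s where user_id=%s',
                    (form.user_newpassword.data, form.user_id.data))
            flash('You have resetpassword!')

    return redirect(url_for('show_todo_list'))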
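def reset_password():
    """Reset a password using the token stored in ``User.forgotPasswordToken``.

    GET: 404 unless the ``token`` query argument matches a user, otherwise
    the form is rendered with that token. POST: on a valid form whose two
    password fields agree, the password is set, the token is cleared and the
    user is redirected to ``api.home``. Anything else ends in 404 or 405.
    """
    form = ResetPasswordForm()

    if request.method == 'GET':
        forgot_password_token = request.args.get('token')
        # A missing or empty token must never reach the lookup: consumed
        # tokens are stored as "" below, and a None comparison matches rows
        # whose token column is NULL.
        if not forgot_password_token:
            abort(404)
        user = User.query.filter(
            User.forgotPasswordToken == forgot_password_token).first()
        if not user:
            abort(404)
        return render_template('reset_password.html',
                               form=form,
                               token=user.forgotPasswordToken)

    if request.method == 'POST':
        if form.validate_on_submit():
            submitted_token = (request.form.get('token') or '').strip()
            # Same rule as for GET; also avoids calling .strip() on None.
            if not submitted_token:
                abort(404)

            user = User.query.filter(
                User.forgotPasswordToken == submitted_token).first()
            if not user:
                abort(404)

            if form.password.data != form.retype_password.data:
                flash("Entered passwords did not match")
                # Stop here. Previously execution continued and the retyped
                # value was stored even though the two fields differed.
                return render_template('reset_password.html',
                                       form=form,
                                       token=user.forgotPasswordToken)

            user.set_password(form.retype_password.data)
            user.forgotPasswordToken = ""  # single use
            db.session.commit()
            return redirect(url_for("api.home"))

    abort(405)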
def reset_password():
    """Change the session user's password after checking the current one.

    Every path ends with a redirect to ``/account_settings``; the flashed
    message tells the user whether the form was invalid, the current
    password was wrong, or the update succeeded.
    """
    form = ResetPasswordForm()

    if not form.validate_on_submit():
        flash("Sorry, we're unable to reset your password.", 'danger')
        return redirect("/account_settings")

    # Load the stored hash for the user id held in the session.
    # rows[0] assumes the session user exists. TODO confirm a login guard
    # wraps this view.
    rows = db.execute("SELECT * FROM user WHERE user_id = :user_id",
                      user_id=session.get("user_id"))

    # The current password must verify before anything is written.
    if not check_password_hash(rows[0]["hashed_pw"],
                               form.current_password.data):
        flash('Current Password is invalid. Please re-enter', 'danger')
        return redirect("/account_settings")

    new_hash = generate_password_hash(form.new_password.data)
    # Named parameters keep both values out of the SQL text.
    db.execute(
        "UPDATE user SET hashed_pw = :hashed_pw WHERE user_id = :user_id",
        user_id=int(session.get("user_id")),
        hashed_pw=new_hash)
    flash('Password has been updated successfully!', 'success')
    return redirect("/account_settings")
def password_reset(token):
    """Let a user choose a new password through a mailed reset link.

    The link is honoured only when the token resolves to an existing user
    whose ``reset`` flag is set. A successful submit stores the bcrypt hash
    and clears the flag, so the same link cannot be used again.
    """
    email = confirm_token(token)
    user = User.query.filter_by(email=email).first()

    if not (user and user.reset):
        flash('The reset password link is invalid or has expired.', 'danger')
        return redirect(url_for('homepage'))

    form = ResetPasswordForm(request.form)
    kwargs = dict(
        page_title='Reset Password',
        form_title='Reset Your Password',
        action=url_for('password_reset', token=token),
        primary_button='Submit',
        links=[('Need help?', '#')],
    )

    if not form.validate_on_submit():
        return render_template('formbuilder.html', form=form, **kwargs)

    user.password = bcrypt.generate_password_hash(form.password.data)
    user.reset = False  # consume the link
    db.session.commit()
    flash('Your password has been successfully reset. You can log in now.',
          'success')
    return redirect(url_for('homepage'))
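def reset_token(token):
    '''Update the password of the session's user after a reset link is opened.

    An invalid token flashes a warning and redirects to ``forgot_password``.
    On a valid submit the bcrypt hash of the new password is stored for the
    e-mail address held in ``session['username']`` and the user is sent to
    ``login``. Otherwise the form is rendered.

    NOTE(review): the row to update is chosen from ``session['username']``,
    not from the token. Confirm that ``verify_reset_token`` ties the token to
    that same account.
    '''
    username = session['username']

    if verify_reset_token(token) is False:
        flash('This URL has expired', 'warning')
        return redirect(url_for('forgot_password'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        password = bcrypt.generate_password_hash(
            str(request.form['password'])).decode('utf-8')

        # The connection is opened only when needed and always closed; the
        # early returns used to leave it open.
        con = mysql.connect()
        try:
            cursor = con.cursor()
            # Parameters are passed as a real one-element tuple.
            res = cursor.execute("SELECT * from USERS WHERE Email = %s;",
                                 (username,))
            if int(res) > 0:
                cursor.execute(
                    "UPDATE USERS SET Password = %s WHERE Email = %s",
                    (password, username))
                con.commit()
                flash('Your password has been updated!', 'success')
                return redirect(url_for('login'))
            print("Record Not found")
            flash("Email id does not exist", "error")
        finally:
            con.close()

    return render_template('reset_token.html',
                           title='Reset Password',
                           form=form)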
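def reset_password_link_page(urlsafe_string):
    """Serve and process the page behind a temporary password-reset link.

    Any link that cannot be resolved, is no longer active, or has no user
    attached gets the same 404 page. On a valid submit the user's password
    hash is replaced and the link is invalidated.

    NOTE(review): the URL value is parsed with ``int()`` and used directly as
    the entity id. If those ids are allocated sequentially the link is only
    as secret as the id; confirm they are random and long enough.
    """
    not_found = lambda: (render_template('not_found_page.html'), 404)

    try:
        temp_url = TemporaryUrl.get_by_id(int(urlsafe_string))
    except Exception as e:
        logging.info(e)
        return not_found()

    # A lookup that finds nothing is assumed to return None rather than raise
    # (datastore-style get_by_id); without this check the attribute access
    # below would turn an unknown id into a server error.
    if temp_url is None:
        logging.info('password reset link not found')
        return not_found()

    if not temp_url.isActive():
        logging.info('password reset link expired')
        return not_found()

    if not temp_url.user_key:
        logging.info('Reset link with no user key')
        return not_found()

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = temp_url.user_key.get()
        if user is None:
            logging.info('Reset link points to a missing user')
            return not_found()
        user.password = generate_password_hash(form.password.data)
        user.put()
        temp_url.isValid = False  # single use
        temp_url.put()
        return redirect(url_for('web_app.home_page'))

    return render_template('reset_password_link_page.html',
                           form=form,
                           urlsafe_string=urlsafe_string)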
def reset_password(serialized_token):
    """Reset the password of the user identified by a serialized token.

    Expired and invalid tokens each flash their own message and redirect to
    ``.index``. A valid submit stores the encrypted password, calls
    ``form.dispose_password()`` and redirects to ``.login``. Otherwise the
    first error of every failing field is flashed and the form is rendered.
    """
    expired, invalid, user = unserialize_token(serialized_token, 'reset')
    for rejected, msg_key in ((expired, 'LINK_EXPIRED'),
                              (invalid, 'LINK_INVALID')):
        if rejected:
            flash(msgs[msg_key], 'error')
            return redirect(url_for('.index'))

    form = ResetPasswordForm()
    # The login is taken from the token's user before validation runs.
    form.login.data = user.login

    if form.validate_on_submit():
        user.passhash = encrypt_password(form.password.data)
        db.session.add(user)
        db.session.commit()
        form.dispose_password()
        flash(msgs['RESET_PASSWORD_SUCCESS'])
        return redirect(url_for('.login'))

    # NOTE(review): markup is concatenated into the flashed text, which only
    # renders as intended if the template outputs messages unescaped. Confirm
    # that no user-controlled value can reach these error strings.
    for field, field_errors in form.errors.items():
        flash('<strong>' + field.capitalize() + '</strong>' + ': ' +
              field_errors[0], 'error')

    return render_template('reset_password.html',
                           form=form,
                           serialized_token=serialized_token)
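def reset_password():
    """Mail a password-reset link to the address submitted in the form.

    On a valid POST a reset token is generated for the matching user and a
    plain-text mail with the link is sent. The page is always rendered with a
    fresh, unbound form.

    Local variable names are part of the template contract: the template
    receives ``**locals()``, so renaming or adding locals changes its context.
    """
    if request.method == "POST":
        form = ResetPasswordForm(request.form)
        if form.validate():
            user = User.objects.get(email=form.email.data)
            password_reset_token = user.generate_password_reset_token()
            # The Host header is supplied by the client. Prefer the
            # configured SERVER_NAME for the link and fall back to the header
            # only when none is set, so a forged Host cannot decide where the
            # mailed link points.
            # NOTE(review): set SERVER_NAME (or validate Host at the proxy)
            # in every deployment. The link scheme is fixed to http.
            host = (current_app.config.get("SERVER_NAME")
                    or request.headers["HOST"])
            link = "http://%s/accounts/password/reset/%s" % (
                host, password_reset_token)
            mesg = ("Hi %s,\n\nSomeone (probably you) requested for a "
                    "password reset at %s. Please visit the following link "
                    "if you wish to reset your password:\n\n%s\n\n"
                    "Have a good day!") % (user.name, host, link)
            send_mail("[%s] Reset Password" % host,
                      mesg,
                      current_app.config["SERVER_EMAIL"], [user.email],
                      fail_silently=False)
            flash(
                "Sent you a mail to reset the password. Do remember to check "
                "your spam folder as well.", "success")
    form = ResetPasswordForm()
    return render_template("auth/reset_password.html", **locals())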
def before_request():
    """Attach the current user and a fresh instance of each shared form to ``g``."""
    g.user = current_user

    # (attribute on g, form class), instantiated in this order.
    form_slots = (
        ('login_form', LoginForm),
        ('search_form', SearchForm),
        ('form', RegistrationForm),
        ('forget_form', ForgetForm),
        ('reset_pwd_form', ResetPasswordForm),
        ('reset_email_form', ResetEmailForm),
        ('add_prod_form', AddProdForm),
    )
    for attr, form_cls in form_slots:
        setattr(g, attr, form_cls())
def post(self, token):
    """Apply a submitted new password for *token* and re-render the form.

    The response is always the ``reset_password.html`` page with status 200
    and an HTML content type, whether or not the form validated.
    """
    form = ResetPasswordForm()
    if form.validate_on_submit():
        # NOTE(review): the token is passed on unchecked from here;
        # presumably updatePassword() verifies it. Confirm.
        updatePassword(token, form.password.data)

    page = render_template('reset_password.html', form=form)
    return make_response(page, 200, {'Content-Type': 'text/html'})
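def update_password_form(username, token):
    """Render the reset form for a user holding a valid reset token.

    Aborts with 401 when ``User.validate_reset_token`` does not return a
    user for the given username and token.
    """
    user = User.validate_reset_token(username, token)
    if not user:
        abort(401)

    form = ResetPasswordForm()
    # The rendered page is returned; it used to be built and discarded, which
    # left the view without a response on the success path.
    return render_template('reset-password.html', form=form, user=user)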
def forgotten_password():
    """Send a reset mail when the submitted username and e-mail match.

    Renders the form until it validates; after that the reply is one of two
    fixed HTML fragments.

    NOTE(review): the two replies differ depending on whether the
    username/e-mail pair is registered, which lets a caller tell the cases
    apart. A single neutral reply would not.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('Forgotten_Password.html', form=form)

    registered_user = retrieve_user_by_name(username=form.username.data)
    # 'unknown user' is the lookup helper's not-found sentinel.
    is_match = (registered_user != 'unknown user'
                and registered_user.email == form.email.data)
    if not is_match:
        return '<h1>username or email is not registered</h1>'

    send_mail(form.email.data, 'reset_password')
    return '<h1>A link has been sent to your registered email to reset your password</h1>'
def admin_reset_password():
    """Let the signed-in admin set a new password.

    A valid submit stores the new password hash, marks the password as
    changed and redirects to ``admin_dashboard``; otherwise the form is
    rendered.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('admin/reset_password.html', form=form)

    # The account is always the session's own user, never a submitted id.
    admin = Admin.query.get(int(current_user.id))
    admin.password = generate_password_hash(form.password.data)
    admin.is_pw_changed = True
    db.session.commit()
    return redirect(url_for('admin_dashboard'))
def reset_password(username):
    """Update the password of *username* from the submitted form.

    Always redirects to ``/login``; the password is changed only when the
    form validates.

    NOTE(review): the account comes from the URL and no token or session
    check is visible in this view. Confirm that a decorator or
    ``User.update_password`` authorises the caller.
    """
    form = ResetPasswordForm()
    if form.validate_on_submit():
        User.update_password(username, form.password.data)
    return redirect('/login')
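def reset_password(request):
    """Reset a password using the ``uid``/``rid`` pair from a mailed link.

    GET renders the form when ``rid`` equals the profile's
    ``password_reset_stub`` and redirects to ``main_page`` otherwise. POST
    re-checks the stub against the submitted form, then clears it and stores
    the new password.

    Local names are part of the template contract: both renders pass
    ``locals()``, so renaming or adding locals changes the template context.
    """

    def reset_fail(msg):
        # Flash an error and send the user back to the main page.
        messages.add_message(request, messages.ERROR, msg)
        return HttpResponseRedirect(reverse('main_page'))

    if request.method == 'GET':
        reset_string = request.GET.get('rid')
        user_id = request.GET.get('uid')
        if reset_string and user_id:
            try:
                profile = UserProfile.objects.get(pk=ObjectId(user_id))
            except UserProfile.DoesNotExist:
                # An unknown uid is treated like any other bad link.
                return HttpResponseRedirect(reverse('main_page'))
            if profile.password_reset_stub == reset_string:
                form = ResetPasswordForm(initial={
                    'user': user_id,
                    'reset_string': reset_string
                })
                return render_to_response(
                    'reset_password.html',
                    locals(),
                    context_instance=RequestContext(request))
        return HttpResponseRedirect(reverse('main_page'))

    form = ResetPasswordForm(request.POST)
    if form.is_valid():
        data = form.cleaned_data
        try:
            profile = UserProfile.objects.get(pk=ObjectId(data['user']))
        except UserProfile.DoesNotExist:
            return reset_fail(
                "An error occurred while resetting your password.")

        # A consumed stub is stored as "" below, so an empty submitted value
        # must never count as a match. The GET branch already has this
        # non-empty check.
        if (data['reset_string']
                and profile.password_reset_stub == data['reset_string']):
            profile.password_reset_stub = ""  # single use
            profile.user.set_password(data['password1'])
            profile.user.save()
            profile.save()
            messages.add_message(request, messages.SUCCESS,
                                 "Your password has been reset successfully.")
            return HttpResponseRedirect(reverse('login'))
        return reset_fail("An error occurred while resetting your password.")

    return render_to_response('reset_password.html',
                              locals(),
                              context_instance=RequestContext(request))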
def password_reset():
    """Request a password-reset mail for the submitted e-mail address.

    Signed-in users are redirected to ``index``. After a valid submit a token
    is generated and mailed when the address belongs to an account, and the
    form page is rendered again.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        account = UserData.query.filter_by(email=form.email.data).first()
        if account:
            reset_token = account.generate_password_reset()
            send_email(account.email,
                       'Forex Access Reset Your Password',
                       'email_password_reset',
                       user=account,
                       token=reset_token)
        # Flashed whether or not an account matched, so the page does not
        # show which addresses are registered.
        flash('Check Your email for the instructions to reset your password')

    return render_template('password_reset.html', form=form)
def forgot_password(request):
    """Show the forgotten-password page or process its submission.

    Signed-in users get a plain notice. GET renders the page; POST hands a
    valid form to ``AuthCenter.process_form``; any other method is answered
    with a server-error response naming the method.
    """
    if request.user.is_authenticated:
        return HttpResponse('User already logged int')

    if request.method == 'GET':
        return render(request, "forgotpassword.html", {})

    if request.method != 'POST':
        return HttpResponseServerError('Invalid method invoked %s' %
                                       request.method)

    form = ResetPasswordForm(request.POST)
    if not form.is_valid():
        return HttpResponse('Invalid form')
    return AuthCenter.process_form(form, request)
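def reset_pass():
    """Store a new password for the e-mail address held in the session.

    GET, or a submission that fails form validation, renders the form. A
    valid submission hashes the new password, writes the item back to the
    table and redirects to the login page.

    NOTE(review): the account is chosen from ``session['email']`` alone.
    Confirm that value is only set after the reset link or code was verified.
    """
    form = ResetPasswordForm()
    email = session.get('email')

    # The form is validated before use; the submitted value used to be
    # hashed and stored without any validation.
    if request.method == 'GET' or not form.validate_on_submit():
        return render_template('reset_password.html',
                               title='Reset Password',
                               form=form)

    if not email:
        # No reset in progress for this session: nothing to update.
        return redirect('/Prod/login')

    response = table.get_item(Key={'email': email})
    user = response.get('Item')
    if user is None:
        # Unknown address: do not create a new item through put_item.
        return redirect('/Prod/login')

    user['password'] = hash_password(form.password.data)
    table.put_item(Item=user)
    return redirect('/Prod/login')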
def reset_password(token):
    """Set a new password for the student identified by a reset token.

    Signed-in users and callers with a token that does not verify are
    redirected to ``index``. A valid submit stores the new password and
    redirects to ``login``; otherwise the form is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    student = Student.verify_reset_password_token(token)
    if not student:
        # A rejected token gets a plain redirect with no further detail.
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    student.set_password(form.password.data)
    db.session.commit()
    flash('Your password has been reset.')
    return redirect(url_for('login'))
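def profile():
    """Profile page with two forms: change password and change username.

    The password form requires the correct security answer; the username
    form requires the current password and a username that is not taken.
    A successful change redirects to ``index``; a failed commit is rolled
    back and reported as "Update error".
    """
    password_reset_form = ResetPasswordForm()
    username_reset_form = ResetUsernameForm()

    existing_user = user.query.filter_by(email=current_user.email).first()
    security_question = security_question_dict[existing_user.security_question]
    existing_answer = existing_user.security_answer
    existing_password = existing_user.password

    if password_reset_form.validate_on_submit():
        security_answer = password_reset_form.security_answer.data
        new_password = password_reset_form.new_password.data
        if not check_password_hash(existing_answer, security_answer):
            flash("wrong security answer")
            return redirect(url_for('auth.profile'))

        # The debug print of new_password was removed: it wrote the plaintext
        # password to stdout, where it ends up in server logs.
        # NOTE(review): method='sha256' is a single-round salted digest and
        # newer Werkzeug releases no longer accept it. Moving to the library
        # default produces longer hashes, so check the column width first.
        existing_user.password = generate_password_hash(new_password,
                                                        method='sha256')
        try:
            db.session.commit()
        except Exception:
            # Leave the session usable for the next request.
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    if username_reset_form.validate_on_submit():
        old_password = username_reset_form.old_password.data
        new_username = username_reset_form.new_username.data
        if not check_password_hash(existing_password, old_password):
            flash("wrong password or security answer")
            return redirect(url_for('auth.profile'))

        user_already_exists = user.query.filter_by(
            username=new_username).first()
        if user_already_exists:
            flash("username is taken")
            return redirect(url_for('auth.profile'))

        existing_user.username = new_username
        try:
            db.session.commit()
        except Exception:
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    return render_template('profile.html',
                           current_user=current_user,
                           password_reset_form=password_reset_form,
                           username_reset_form=username_reset_form,
                           security_question=security_question)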
def reset_token(token):
    """Set a new password for the user identified by a reset token.

    Signed-in users are redirected to ``signup``. A token that does not
    verify flashes a warning and redirects to ``reset_request``. A valid
    submit stores the new password hash and redirects to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('signup'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', form=form)

    # Only the hash is stored; the submitted password is not kept.
    account.password = generate_password_hash(form.password.data)
    db.session.commit()
    flash('Yor password has been updated!', 'success')
    return redirect(url_for('login'))