示例#1
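def reset_password_link_page(urlsafe_string):
    """Render and process the password-reset form behind a temporary link.

    ``urlsafe_string`` is converted with ``int()`` and used as the id of a
    ``TemporaryUrl`` record. A failed lookup, an inactive link and a link
    without a user key all get the same 404 page, so the response does not
    reveal which check failed.
    """
    # NOTE(review): the link id is parsed as a plain integer; confirm these
    # ids are not sequential or otherwise predictable.
    try:
        temp_url = TemporaryUrl.get_by_id(int(urlsafe_string))
    except Exception as e:
        logging.info(e)
        return render_template('not_found_page.html'), 404

    # A lookup that finds nothing may return None instead of raising; handle
    # it like any other unknown link rather than failing on the next call.
    if temp_url is None:
        logging.info('password reset link not found')
        return render_template('not_found_page.html'), 404

    if not temp_url.isActive():
        logging.info('password reset link expired')
        return render_template('not_found_page.html'), 404

    if not temp_url.user_key:
        logging.info('Reset link with no user key')
        return render_template('not_found_page.html'), 404

    form = ResetPasswordForm()

    if form.validate_on_submit():
        user = temp_url.user_key.get()
        if user is None:
            # The key no longer resolves to a stored user.
            logging.info('Reset link points at a missing user')
            return render_template('not_found_page.html'), 404
        user.password = generate_password_hash(form.password.data)
        user.put()
        # NOTE(review): the link is retired through ``isValid`` but checked
        # through ``isActive()``; confirm isActive() consults isValid so a
        # used link cannot be submitted again.
        temp_url.isValid = False
        temp_url.put()
        return redirect(url_for('web_app.home_page'))

    return render_template('reset_password_link_page.html',
                           form=form,
                           urlsafe_string=urlsafe_string)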
示例#2
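def resetpassword():
    """Change a user's password after re-checking the current one.

    GET renders the form. POST validates it, checks the submitted user id
    and current password against ``usertable`` and only then stores the new
    password. Every POST ends with a redirect to ``show_todo_list``.
    """
    form = ResetPasswordForm()
    if request.method == 'GET':
        return render_template('modify.html', form=form)

    if not form.validate_on_submit():
        flash(form.errors)
        return redirect(url_for('show_todo_list'))

    # Form values are bound as query parameters instead of being formatted
    # into the SQL text, so quotes in a field cannot change the statement.
    # NOTE(review): ``%s`` placeholders assume a MySQL-style DB-API driver
    # behind g.db; confirm the driver's paramstyle.
    # NOTE(review): the listing shows both password literals masked as
    # ******; the .format() arguments indicate the form's password fields
    # belong there, which is what is bound below.
    # NOTE(review): passwords are compared and stored as submitted; moving
    # to a password hash needs a matching change in the login check.
    with g.db as cur:
        cur.execute(
            'select * from usertable where user_id=%s and user_password=%s',
            (form.user_id.data, form.user_password.data))
        infos = [dict(id=row[0]) for row in cur.fetchall()]

    if not infos:
        # Wrong id/password pair: report it and do not claim success.
        flash('Invalid!')
        return redirect(url_for('show_todo_list'))

    with g.db as cur:
        cur.execute(
            'update usertable set user_password=%s where user_id=%s',
            (form.user_newpassword.data, form.user_id.data))

    flash('You have resetpassword!')
    return redirect(url_for('show_todo_list'))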
示例#3
def password_reset(token):
    """Let the user behind a confirmed token choose a new password.

    The token is resolved to an e-mail address by ``confirm_token``; the
    form is only offered when that address belongs to a user whose
    ``reset`` flag is set. The flag is cleared once the password is stored.
    """
    account = User.query.filter_by(email=confirm_token(token)).first()

    # Unknown address and "no reset pending" share one message.
    if not (account and account.reset):
        flash('The reset password link is invalid or has expired.', 'danger')
        return redirect(url_for('homepage'))

    form = ResetPasswordForm(request.form)
    template_context = {
        'page_title': 'Reset Password',
        'form_title': 'Reset Your Password',
        'action': url_for('password_reset', token=token),
        'primary_button': 'Submit',
        'links': [('Need help?', '#')]
    }

    if not form.validate_on_submit():
        return render_template('formbuilder.html', form=form,
                               **template_context)

    account.password = bcrypt.generate_password_hash(form.password.data)
    # Clearing the flag stops the same link from being used again.
    account.reset = False
    db.session.commit()

    flash('Your password has been successfully reset. You can log in now.',
          'success')
    return redirect(url_for('homepage'))
示例#4
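def reset_token(token):
    '''Store a new password for the e-mail address held in the session.

    The token is checked with ``verify_reset_token``; when that returns
    False the visitor is sent back to ``forgot_password``. On a valid form
    submission the bcrypt hash of the new password is written to the USERS
    row whose Email equals ``session['username']``.
    '''
    # NOTE(review): the account that gets updated comes from the session,
    # not from the token; confirm verify_reset_token binds the token to
    # this same address.
    username = session['username']
    if verify_reset_token(token) is False:
        flash('This URL has expired', 'warning')
        return redirect(url_for('forgot_password'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        password = bcrypt.generate_password_hash(
            str(request.form['password'])).decode('utf-8')
        # Open the connection only when it is needed and close it on every
        # exit path, including the redirect after a successful update.
        con = mysql.connect()
        try:
            cursor = con.cursor()
            # Parameters are passed as a one-element tuple; a bare
            # parenthesised string is not a tuple.
            res = cursor.execute("SELECT * from USERS WHERE Email = %s;",
                                 (username,))
            if int(res) > 0:
                cursor.execute(
                    "UPDATE USERS SET Password = %s WHERE Email = %s",
                    (password, username))
                con.commit()
                flash('Your password has been updated!', 'success')
                return redirect(url_for('login'))
            print("Record Not found")
            flash("Email id does not exist", "error")
        finally:
            con.close()
    return render_template('reset_token.html',
                           title='Reset Password',
                           form=form)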
def reset_password():
    """Change the logged-in user's password after checking the current one.

    The user row is selected by the ``user_id`` stored in the session. Every
    path ends with a redirect to ``/account_settings``; the flashed message
    tells the user what happened.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        flash("Sorry, we're unable to reset your password.", 'danger')
        return redirect("/account_settings")

    # Both statements use named bind parameters, not string formatting.
    rows = db.execute("SELECT * FROM user WHERE user_id = :user_id",
                      user_id=session.get("user_id"))

    # The stored hash must match the submitted current password.
    if not check_password_hash(rows[0]["hashed_pw"],
                               form.current_password.data):
        flash('Current Password is invalid. Please re-enter', 'danger')
        return redirect("/account_settings")

    new_hash = generate_password_hash(form.new_password.data)
    db.execute(
        "UPDATE user SET hashed_pw = :hashed_pw WHERE user_id = :user_id",
        user_id=int(session.get("user_id")),
        hashed_pw=new_hash)

    flash('Password has been updated successfully!', 'success')
    return redirect("/account_settings")
示例#6
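def reset_password():
    """Show and process the reset form identified by a forgot-password token.

    GET looks the token up from the query string and renders the form. POST
    looks the token up from the form body, stores the new password and
    clears the token. Any other outcome ends in 404 or 405.
    """
    form = ResetPasswordForm()

    if request.method == 'GET':
        forgot_password_token = request.args.get('token')
        # A missing or empty token must never select an account: used
        # tokens are cleared to "" below, and None compares as NULL, so
        # either value could otherwise match a user with no pending reset.
        if not forgot_password_token:
            abort(404)
        user = User.query.filter(
            User.forgotPasswordToken == forgot_password_token).first()
        if not user:
            abort(404)

        return render_template('reset_password.html', form=form,
                               token=user.forgotPasswordToken)

    if request.method == 'POST':
        if form.validate_on_submit():
            submitted_token = (request.form.get('token') or '').strip()
            if not submitted_token:
                abort(404)

            user = User.query.filter(
                User.forgotPasswordToken == submitted_token).first()
            if not user:
                abort(404)

            if form.password.data != form.retype_password.data:
                # Stop here: a mismatch must not fall through to the update.
                flash("Entered passwords did not match")
                return render_template('reset_password.html', form=form,
                                       token=user.forgotPasswordToken)

            user.set_password(form.retype_password.data)
            # NOTE(review): no expiry check is visible for the token;
            # confirm one is enforced where the token is issued.
            user.forgotPasswordToken = ""
            db.session.commit()
            return redirect(url_for("api.home"))

    abort(405)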
示例#7
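def reset_token(token):
    """Handle the form reached through a reset-token link.

    Authenticated users are redirected to ``admin``. A token that
    ``User.varify_reset_token`` does not resolve sends the visitor back to
    ``reset_request``. Otherwise the form is rendered, and a valid
    submission is stored before redirecting to ``customerLogin``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('admin'))

    user = User.varify_reset_token(token)
    if user is None:
        flash('that is invalid or expired token ', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        # NOTE(review): this inserts a new Register row from the form rather
        # than changing the password of the ``user`` the token resolved to,
        # and hands form.password.data over as submitted. Confirm this is
        # intended and that Register hashes the password before storing it.
        register = Register(name=form.name.data,
                            username=form.username.data,
                            email=form.email.data,
                            password=form.password.data,
                            country=form.country.data,
                            city=form.city.data,
                            contact=form.contact.data,
                            address=form.address.data,
                            zipcode=form.zipcode.data)
        db.session.add(register)
        flash(f'Welcome {form.name.data} Thank you for registering', 'success')
        db.session.commit()
        # The redirect belongs to the success path only; at function level it
        # made the form render below unreachable.
        return redirect(url_for('customerLogin'))
    return render_template('customer/reset_token.html',
                           title='Reset Password',
                           form=form)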
示例#8
def reset():
    """Reset a password for the user encoded in the ``token`` query argument.

    A missing token is a 404. Expired and badly signed tokens are logged,
    flashed and redirected to ``main.index``. After a valid submission the
    password is changed and the user is logged in.
    """
    # NOTE(review): the token travels in the query string, so it can end up
    # in access logs and browser history; keep its lifetime short.
    token = request.args.get('token')
    if not token:
        log_message('no token attempted reset')
        abort(404)

    try:
        account = User.deserialize(token)
    except SignatureExpired:
        # Handled before BadSignature so the expired case keeps its message.
        flash('Expired Token', 'danger')
        log_message('expired token reset attempt')
        return redirect(url_for('main.index'))
    except BadSignature:
        flash('Invalid token', 'danger')
        log_message('bad signature reset attempt')
        return redirect(url_for('main.index'))

    reset_form = ResetPasswordForm()
    if not reset_form.validate_on_submit():
        return render_template('auth/reset.html.j2', form=reset_form)

    # Only the user id is logged, never the password.
    log_message('user_id: {} changed password'.format(account.id))
    account.change_password(reset_form.password.data)
    db.session.add(account)
    db.session.commit()
    flash('Password reset', 'success')
    login_user(account)
    return redirect(url_for('dash.index'))
示例#9
def reset_password(serialized_token):
    """Process the reset form for the user carried by a serialized token.

    ``unserialize_token`` reports whether the token is expired or invalid
    and returns the user. Either failure flashes a message and redirects to
    ``.index``. A valid submission stores the new password hash and
    redirects to ``.login``.
    """
    expired, invalid, user = unserialize_token(serialized_token, 'reset')
    for failed, message_key in ((expired, 'LINK_EXPIRED'),
                                (invalid, 'LINK_INVALID')):
        if failed:
            flash(msgs[message_key], 'error')
            return redirect(url_for('.index'))

    form = ResetPasswordForm()
    # The login shown in the form comes from the token's user.
    form.login.data = user.login
    if form.validate_on_submit():
        user.passhash = encrypt_password(form.password.data)

        db.session.add(user)
        db.session.commit()

        form.dispose_password()

        flash(msgs['RESET_PASSWORD_SUCCESS'])
        return redirect(url_for('.login'))

    # NOTE(review): these messages contain markup; confirm the template that
    # prints flashed messages cannot be fed user-controlled text unescaped.
    for field, problems in form.errors.items():
        flash('<strong>' + field.capitalize() + '</strong>: ' + problems[0],
              'error')

    return render_template('reset_password.html', form=form,
                           serialized_token=serialized_token)
示例#10
 def post(self,token):
     """Apply a submitted reset form and re-render the reset page as HTML.

     On a valid submission the token and new password are handed to
     ``updatePassword``. The page is returned with status 200 either way.
     """
     form = ResetPasswordForm()
     if form.validate_on_submit():
         # NOTE(review): the token is passed on unchecked here; presumably
         # updatePassword verifies it before changing anything - confirm.
         updatePassword(token, form.password.data)

     page = render_template('reset_password.html', form=form)
     return make_response(page, 200, {'Content-Type': 'text/html'})
示例#11
def reset_password(username):
    """Set a new password for ``username`` from a submitted form.

    NOTE(review): the account is chosen by the ``username`` argument alone;
    no token or session check is visible in this block. Confirm the route is
    protected elsewhere before relying on it.
    """
    form = ResetPasswordForm()

    if not form.validate_on_submit():
        # NOTE(review): nothing is rendered on this path, so a plain GET gets
        # no response body from this view.
        return None

    User.update_password(username, form.password.data)
    return redirect('/login')
        
示例#12
def forgotten_password():
    """Send a reset mail when the submitted username and e-mail match.

    The mail goes to the address typed into the form, and only when it
    equals the address stored for that username.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('Forgotten_Password.html', form=form)

    account = retrieve_user_by_name(username=form.username.data)
    is_match = (account != 'unknown user'
                and account.email == form.email.data)

    # NOTE(review): the two responses differ, so a caller can learn whether
    # a username/e-mail pair is registered; one neutral reply avoids that.
    if not is_match:
        return '<h1>username or email is not registered</h1>'

    send_mail(form.email.data, 'reset_password')
    return '<h1>A link has been sent to your registered email to reset your password</h1>'
示例#13
def admin_reset_password():
    """Let the logged-in admin replace their own password.

    The admin record is loaded from ``current_user.id``, so the form cannot
    be pointed at another account.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('admin/reset_password.html', form=form)

    account = Admin.query.get(int(current_user.id))
    account.password = generate_password_hash(form.password.data)
    # Record that the password has been changed.
    account.is_pw_changed = True
    db.session.commit()
    return redirect(url_for('admin_dashboard'))
示例#14
def password_reset():
    """Accept a reset request and mail a token to a known address.

    The same flash message is shown whether or not the address belongs to a
    user, so the page does not disclose which addresses are registered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        account = UserData.query.filter_by(email=form.email.data).first()
        if account:
            reset_token = account.generate_password_reset()
            send_email(account.email,
                       'Forex Access Reset Your Password',
                       'email_password_reset',
                       user=account,
                       token=reset_token)
        flash('Check Your email for the instructions to reset your password')
    return render_template('password_reset.html', form=form)
示例#15
def reset_password(token):
    """Set a new password for the student a reset token resolves to.

    Logged-in visitors and tokens that do not verify are both redirected to
    ``index`` without further explanation.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    student = Student.verify_reset_password_token(token)
    if not student:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    student.set_password(form.password.data)
    db.session.commit()
    flash('Your password has been reset.')
    return redirect(url_for('login'))
示例#16
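def profile():
    """Serve the profile page and process its two forms.

    The password form replaces the password when the submitted security
    answer matches the stored hash. The username form renames the account
    when the submitted password matches and the new name is free.
    """
    password_reset_form = ResetPasswordForm()
    username_reset_form = ResetUsernameForm()

    existing_user = user.query.filter_by(email=current_user.email).first()
    security_question = security_question_dict[existing_user.security_question]
    existing_answer = existing_user.security_answer
    existing_password = existing_user.password

    if password_reset_form.validate_on_submit():
        security_answer = password_reset_form.security_answer.data
        new_password = password_reset_form.new_password.data

        # NOTE(review): the password change is authorised by the security
        # answer only; the current password is not asked for on this form.
        if not check_password_hash(existing_answer, security_answer):
            flash("wrong  security answer")
            return redirect(url_for('auth.profile'))

        # The new password is deliberately not printed or logged.
        # The hashing method is left at the library default instead of a
        # single salted SHA-256 round. NOTE(review): assumes these are
        # Werkzeug's helpers, where the stored hash names its own method so
        # existing hashes keep verifying - confirm.
        existing_user.password = generate_password_hash(new_password)
        try:
            db.session.commit()
        except Exception:
            # Leave the session usable for the next request.
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    if username_reset_form.validate_on_submit():
        old_password = username_reset_form.old_password.data
        new_username = username_reset_form.new_username.data

        if not check_password_hash(existing_password, old_password):
            flash("wrong password or security answer")
            return redirect(url_for('auth.profile'))

        user_already_exists = user.query.filter_by(
            username=new_username).first()
        if user_already_exists:
            flash("username is taken")
            return redirect(url_for('auth.profile'))

        existing_user.username = new_username
        try:
            db.session.commit()
        except Exception:
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    return render_template('profile.html',
                           current_user=current_user,
                           password_reset_form=password_reset_form,
                           username_reset_form=username_reset_form,
                           security_question=security_question)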
def reset_password():
    # Start a password reset: create a reset key for the account that owns
    # the entered e-mail address and mail that key, with a link, to it.
    # NOTE(review): written for Python 2 (print statement below).
    from datetime import datetime

    form = ResetPasswordForm()
    if form.validate_on_submit():

        # Look up the account that owns the entered e-mail address.
        user = User.query.filter_by(email=form.email.data).first()

        if user:
            # The address is known: create the reset key and note the time.
            # NOTE(review): confirm create_random_pwd() draws from a
            # cryptographically secure source; the key acts as a credential.
            reset_key_request = create_random_pwd()
            reset_time_request = datetime.now()

            # set user reset_key and reset_timer
            user.reset_key = reset_key_request
            # NOTE(review): only the day of the month is kept, so the stored
            # value repeats every month and cannot express a short lifetime.
            user.reset_timer = reset_time_request.day + 100 # save day as integer + 100

            # NOTE(review): the link is plain http and carries both the
            # e-mail address and the reset key in the query string, where
            # they can be recorded by proxies, logs and browser history.
            reset_url = 'http://safety.americanpeptide.com/password_reset?email=%s&password_reset_key=%s' % (user.email, reset_key_request)

            flash("A password reset key has been created. Please check your email for the reset key to\
                  change your password.")

            msg = Message('Your Password Reset Key.',
                          sender=('Safety Training Website', '*****@*****.**'),
                          recipients=[user.email])
            # NOTE(review): profile fields are interpolated into the HTML
            # body without escaping; markup in a stored name would be sent
            # as markup.
            msg.html = """
            <h2>User Password Reset</h2>
            <p>Hello %s %s.</p>
            <p>You have requested to change your password for the email %s. If you did not request to change your password,
            please ignore this message.</p>
            <p>To change your password, click on the following link. Enter the password reset key then enter
            your new password.</p>

            <p>Your Password Reset Key is: <strong> %s </strong></p>

            <p><a href="%s">Click here to reset your password.</a></p>
            """ % (user.firstname, user.lastname, user.email, reset_key_request, reset_url)

            mail.send(msg)

            # db.session.add(user)
            # print "session add user"
            # The key and timer are committed only after the mail was sent.
            db.session.commit()
            print "session commit user"
            return redirect(url_for('login'))
        else:
            # NOTE(review): this message differs from the success path, so
            # the form tells a caller which addresses have an account.
            flash("The email address that was entered is not valid. Please check the email and try again.")

    return render_template('reset_password.html', form=form)
示例#18
文件: views.py 项目: luna825/lunablog
def reset_password(token):
	"""Reset the password of the account named in the form.

	The account is looked up by the e-mail address typed into the form and
	the token is handed to ``user.reset_password`` together with the new
	password. An unknown address and a rejected token both end in the same
	redirect to ``main.index``.
	"""
	if not current_user.is_anonymous:
		return redirect(url_for('main.index'))

	form = ResetPasswordForm()
	if not form.validate_on_submit():
		return render_template('auth/reset_password.html', form=form)

	account = User.query.filter_by(email=form.email.data).first()
	# NOTE(review): presumably reset_password() checks that the token was
	# issued for this very account - confirm in the model.
	if account is None or not account.reset_password(token, form.password.data):
		return redirect(url_for('main.index'))

	flash('You password have been update')
	return redirect(url_for('auth.login'))
示例#19
def reset_password(token):
    """Set a new password for the user a reset token resolves to.

    Logged-in visitors go to their bookmarks; a token that does not verify
    sends the visitor to the home page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('profile.list_bookmarks'))

    account = User.verify_reset_password_token(token)
    if not account:
        return redirect(url_for('home.homepage'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('email/reset_password.html', form=form)

    # NOTE(review): ``password`` is called like a method here; confirm the
    # model defines it that way and that it hashes before storing.
    account.password(form.password.data)
    db.session.commit()
    flash('Your password has been reset.')
    return redirect(url_for('auth.login'))
示例#20
def reset_token(token):
    """Store a new password hash for the user behind a reset token.

    Logged-in visitors are redirected to ``signup``; a token that
    ``User.verify_reset_token`` rejects returns the visitor to
    ``reset_request`` with a warning.
    """
    if current_user.is_authenticated:
        return redirect(url_for('signup'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', form=form)

    # Only the hash is stored.
    account.password = generate_password_hash(form.password.data)
    db.session.commit()
    flash('Yor password has been updated!', 'success')
    return redirect(url_for('login'))
示例#21
def reset_token(token):
    """Store a new bcrypt password hash for the student behind a token.

    A token that ``Student.get_verify_token`` does not resolve sends the
    visitor back to ``reset_request``.
    """
    account = Student.get_verify_token(token)
    if account is None:
        flash('Invalid or expired tokens', 'danger')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Reset password',
                               form=form)

    # The hash is decoded to text before it is assigned to the model.
    digest = bcrypt.generate_password_hash(form.password.data)
    account.password = digest.decode('utf-8')
    db.session.commit()
    flash('Your password has been updated', 'success')
    return redirect(url_for('login'))
示例#22
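def reset_password(token):
    """Reset the password of the user whose e-mail is signed into ``token``.

    The token is loaded with a maximum age of 86400 seconds. Expired tokens,
    tokens whose signature does not verify and tokens for unknown addresses
    each get a short plain-text reply instead of the form.
    """
    # SignatureExpired derives from BadSignature; the base class is imported
    # here so that tampered or malformed tokens are handled as well.
    from itsdangerous import BadSignature

    # NOTE(review): the signing key is a short literal kept in the source.
    # Anyone who knows it can produce tokens that verify; it should come
    # from secret configuration, changed together with the code that issues
    # the tokens.
    serializer = URLSafeTimedSerializer('asdfghjkl')
    try:
        email = serializer.loads(token, max_age=86400)
    except SignatureExpired:
        return 'Token Expired'
    except BadSignature:
        # Previously uncaught, which turned a bad token into a server error.
        return 'Password Reset Link Expired'

    user = User.query.filter_by(email=email).first()
    if user:
        form = ResetPasswordForm()
        if form.validate_on_submit():
            user.password_hash = user.hash_password(form.new_password.data)
            db.session.commit()
            flash('Password Changed!')
            return redirect(url_for('register'))
        return render_template('reset_password.html', form=form)
    return 'Password Reset Link Expired'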
示例#23
def resetPassword(token):
    """Set a new password for the user behind a reset token.

    Logged-in visitors go to ``index``; a token that does not verify sends
    the visitor to ``forgotPassword`` with a warning.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('Invalid or expired password reset link', 'warning')
        return redirect(url_for('forgotPassword'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('resetpassword.html',
                               form=form,
                               title="ORM - Reset Password")

    # NOTE(review): the submitted password is assigned directly; confirm
    # that ``User.password`` is a setter that hashes before storing.
    account.password = form.new_password.data
    db.session.commit()
    flash('Your Password has been Updated! You can login now.', 'info')
    return redirect(url_for('login'))
示例#24
def reset_token(token):
    """Store a new bcrypt password hash for the user behind a reset token.

    A visitor whose session already holds an ``email`` is sent to ``index``;
    a token that does not verify returns the visitor to ``request_reset``.
    """
    if session.get('email'):
        return redirect(url_for('index'))

    account = user.verify_reset_token(token)
    if account is None:
        flash('Token is invalid or expired', 'warning')
        return redirect(url_for('request_reset'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', form=form)

    # The value hashed is the confirmation field of the form.
    digest = bcrypt.generate_password_hash(form.confirm_password.data)
    account.password = digest.decode('utf-8')
    db.session.commit()
    flash('Your password has been changed', 'success')
    return redirect(url_for('login'))
示例#25
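def reset_user_password(userid):
    """Set a new password for the user with the given id.

    NOTE(review): no permission check is visible in this block; confirm the
    route is restricted to administrators where it is registered.
    """
    form = ResetPasswordForm()
    # NOTE(review): ``user`` is None for an unknown id, which is not handled
    # below.
    user = User.query.filter_by(id=userid).first()
    if form.validate_on_submit():
        # Log which account is affected, never the new password itself.
        print("Resetting password for user id {}".format(userid))

        user.set_password(form.new_password.data)
        db.session.commit()
        print("done")
        flash('Password has been reset for user {}'.format(user.username))
        return redirect(url_for('user_details'))

    return render_template('reset-password.html',
                           title='Reset Password',
                           form=form,
                           user=user)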
示例#26
def confirm_forgot_password():
    """Complete a forgotten-password flow with a verification code.

    When the form's ``submit4`` button was used and the form validates, the
    username, new password and code are passed to ``reset_password``; the
    result decides where the visitor is redirected.
    """
    reset_password_form = ResetPasswordForm()
    submitted = (reset_password_form.submit4.data
                 and reset_password_form.validate_on_submit())
    if submitted:
        fields = request.form
        outcome = reset_password({
            'username': fields['username'],
            'password': fields['password'],
            'code': fields['ver_code']
        })
        if not outcome['success']:
            # The failure text travels back to this page as a query argument.
            return redirect(url_for('confirm_forgot_password',
                                    msg=outcome['message']))
        return redirect(url_for('home',
                                msg="Password has been changed successfully."))

    # NOTE(review): ``msg`` is read from the query string and handed to the
    # template; confirm it is rendered with escaping.
    return render_template('confirm-forgot-password.html',
                           resetpasswordform=reset_password_form,
                           msg=request.args.get('msg'),
                           user=logged_in_user)
示例#27
def reset_token(token):
    """Store a new password digest for the user behind a reset token.

    Logged-in visitors are redirected to ``data``; a token that does not
    verify returns the visitor to ``reset_request`` with a warning.
    """
    if current_user.is_authenticated:
        # NOTE(review): ``path`` is not defined in this function; presumably
        # a module-level name - confirm.
        return redirect(url_for('data', path=path))

    account = User.verify_reset_token(token)
    if account is None:
        flash('The link is invalid or expired. Please try again', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Reset Password',
                               form=form)

    # NOTE(review): an unsalted MD5 digest is stored as the password. MD5 is
    # fast to brute-force and unsuitable for passwords; moving to a salted
    # password-hashing function needs a matching change in the login check.
    account.password = hashlib.md5(form.password.data).hexdigest()
    db.session.commit()
    flash("Password has been changed successfully!!")
    return redirect(url_for('login'))
示例#28
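def reset_password(token):
    """Store a new bcrypt password hash for the user behind a reset token.

    The token is checked only after the form validates; both the success and
    the failure path end with a redirect to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))
    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.check_reset_token(token)
        if user:
            # The submitted value lives in the field's ``data`` attribute;
            # the listing read ``form.password.token`` here.
            user.password = bcrypt.generate_password_hash(form.password.data)
            db.session.commit()
            flash(
                'Your password reset is done,you can login now with your new passowrd',
                category='info')
            return redirect(url_for('login'))
        else:
            flash('The user is not exist.', category='info')
            return redirect(url_for('login'))
    return render_template('reset_password.html', form=form)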
示例#29
文件: views.py 项目: khalily/myblog
def reset_password(token):
    """Reset the password of the account named in the form.

    The account is looked up by the e-mail typed into the form and the token
    is checked with ``user.reset``. An unknown address and a rejected token
    both redirect to ``main.index``.
    """
    if not current_user.is_anonymous():
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if not account:
        return redirect(url_for('main.index'))

    # NOTE(review): presumably reset() checks that the token was issued for
    # this account - confirm in the model.
    if not account.reset(token):
        flash('Invalidate token')
        return redirect(url_for('main.index'))

    # NOTE(review): assigned as submitted; confirm ``User.password`` is a
    # setter that hashes.
    account.password = form.new_password.data
    db.session.add(account)
    db.session.commit()
    flash('password reset successful. You can login.')
    return redirect(url_for('auth.login'))
示例#30
def reset_token(token):
    """Overwrite the stored password of every record whose e-mail equals ``token``.

    NOTE(review): the URL value is compared with the stored e-mail address,
    so it is not a secret, and no signature or expiry check runs (the
    verify_reset_token call was commented out in the listing). The password
    is also saved as submitted, without hashing.
    """
    if 'name' in session:
        return redirect(url_for('home'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Reset Password',
                               form=form)

    for doc_id in db1:
        record = db1.get(doc_id)
        if record['email'] == token:
            record['password'] = form.password.data
            db1.save(record)

    # Flashed whether or not any record matched.
    flash('Your password has been updated! You are now able to log in',
          'success')
    return redirect(url_for('login'))
示例#31
def reset_password():
    """Set a new password for the login that the session was cleared to reset.

    The request is refused with 400 unless the session holds both a login
    and a true ``can_reset_password`` flag. The flag is switched off after
    the password has been stored.
    """
    login = session.get('login')
    if not (session.get('can_reset_password') and login):
        abort(400)

    form = ResetPasswordForm(meta={'csrf_context': session})
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    account = User.query.filter_by(login=login).first()
    account.set_password(form.password.data)
    db.session.commit()

    # One reset per grant: the permission does not survive a success.
    session['can_reset_password'] = False
    flash('Hasło zostało zmienione', 'alert alert-success')
    return redirect(url_for('account.login'))
示例#32
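def reset_password(name, token):
    """Reset the password of user ``name`` once their token is confirmed.

    GET renders the form; a valid POST stores the new password and
    redirects to the user's index page. An unknown user or a token that
    ``confirm_user`` rejects flashes a warning. Every remaining path ends
    at ``front.index``.
    """
    user = User.query.filter_by(name=name).first()
    if user and user.confirm_user(token):
        form = ResetPasswordForm()
        if request.method == 'GET':
            flash('Please reset your password', 'success')
            return render_template('user/reset_password.html', form=form)
        if form.validate_on_submit():
            # NOTE(review): assigned as submitted; confirm ``User.password``
            # is a setter that hashes.
            user.password = form.password.data
            # Adding the object once is enough; the listing added it twice.
            db.session.add(user)
            db.session.commit()
            flash('Password has been reset', 'success')
            return redirect(url_for('.index', name=user.name))
    else:
        flash('Wait...Wrong token!', 'danger')
    return redirect(url_for('front.index'))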
示例#33
def reset_token(token):
    """Store a new password hash for the user behind a reset token.

    Besides the hash, the user's ``login_attempts`` counter is set back to
    zero. Logged-in visitors go to ``index``; a token that does not verify
    returns the visitor to ``reset_request``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    account = User.verify_reset_token(token)
    # Debug output of the resolved user object.
    print(account)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Reset Password 2',
                               form=form)

    account.password_hash = generate_password_hash(form.password.data)
    account.login_attempts = 0
    db.session.commit()
    return redirect(url_for('login'))
示例#34
def reset(token):
	"""Reset the password of the account named in the form.

	The account is looked up by the e-mail typed into the form and the
	token is checked with ``user.confirm``. Failures flash a message and
	show the form again.
	"""
	# A visitor who is already logged in is sent to the home page.
	if not current_user.is_anonymous:
		return redirect(url_for('main.index'))

	form = ResetPasswordForm()
	if form.validate_on_submit():
		account = User.query.filter_by(email = form.email.data).first()
		if account is None:
			# NOTE(review): this message is specific to an unknown address,
			# so the form reveals which addresses are registered.
			flash(u'邮箱地址错误')
		elif not account.confirm(token):
			flash(u'错误的验证链接或链接已失效')
		else:
			# NOTE(review): assigned as submitted; confirm ``User.password``
			# is a setter that hashes.
			account.password = form.password.data
			db.session.add(account)
			db.session.commit()
			flash(u'你刚刚重置了密码')
			return redirect(url_for('auth.login'))
	return render_template('auth/resetquest.html', form = form)
示例#35
def reset_user_password(id):
    """Let an administrator set a new password for the user with ``id``.

    Non-admin callers are logged and refused with 403; an unknown id is a
    404. Only the target's e-mail is logged on success, never the password.
    """
    if not g.user.is_admin():
        logger.error("%s tried to access /reset-user-password/%d", g.user.email, id)
        abort(403)

    user = User.query.get_or_404(id)
    form = ResetPasswordForm()

    if not form.validate_on_submit():
        return render_template('admin_reset_password.html',
                title = "Modify password",
                user = user,
                form = form)

    # The Cancel button posts the same form and must not change anything.
    if request.form['button'] == 'Cancel':
        return form.redirect(url_for('user_list'))

    user.reset_password(form.pass2.data)

    flash("User password modified successfully")
    logger.info("Password for %s was modified", user.email)
    return redirect(url_for('user_list'))