def resetpassword(reset_key):
"""Reset password form (loaded after asked new password)."""
email = None
try:
email = mail_cookie_check_pw_reset(reset_key)
except InvenioWebAccessMailCookieDeletedError:
flash(
_('This request for resetting a password has already been used.'),
'error'
)
except InvenioWebAccessMailCookieError:
flash(_('This request for resetting a password is not valid or is '
'expired.'), 'error')
if email is None or cfg['CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS'] >= 3:
return redirect(url_for('webaccount.index'))
form = ResetPasswordForm(request.values)
if form.validate_on_submit():
password = request.values['password']
# change password
user = User.query.filter_by(email=email).one()
user.password = password
db.session.merge(user)
db.session.commit()
# delete cookie
mail_cookie_delete_cookie(reset_key)
flash(_("The password was correctly reset."), 'success')
return redirect(url_for('webaccount.index'))
return render_template('accounts/resetpassword.html', form=form)
def test_reset_password_password2(self):
"""Test ResetPasswordForm password2."""
from invenio.modules.accounts.forms import ResetPasswordForm
form = ResetPasswordForm(
password=self.password,
password2=self.password
)
assert form.validate() is True
form = ResetPasswordForm(
password=self.password,
password2=self.password+"different"
)
assert form.validate() is False
def test_reset_password_password(self):
"""Test ResetPasswordForm password."""
from invenio.modules.accounts.forms import ResetPasswordForm
not_valid_pwd = "x" * (self.min_len - 1)
valid_pwd = "x" * self.min_len
form = ResetPasswordForm(
password=self.password,
password2=self.password
)
assert form.validate() is True
form = ResetPasswordForm(
password=not_valid_pwd,
password2=not_valid_pwd
)
assert form.validate() is False
form = ResetPasswordForm(
password=valid_pwd,
password2=valid_pwd
)
assert form.validate() is True
