def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset user_reset_ratelimit = SimpleRateLimit( name="email_reset_count_%s" % user._id36, seconds=int(datetime.timedelta(hours=12).total_seconds()), limit=3, ) if not user_reset_ratelimit.record_and_check(): return False global_reset_ratelimit = SimpleRateLimit( name="email_reset_count_global", seconds=int(datetime.timedelta(hours=1).total_seconds()), limit=1000, ) if not global_reset_ratelimit.record_and_check(): raise ValueError("password reset ratelimit exceeded") token = PasswordResetToken._new(user) base = g.https_endpoint or g.origin passlink = base + '/resetpassword/' + token._id g.log.info("Generated password reset link: " + passlink) _system_email( user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD, user=user, ) return True
def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset reset_count_key = "email-reset_count_%s" % user._id g.cache.add(reset_count_key, 0, time=3600 * 12) if g.cache.incr(reset_count_key) > 3: return False reset_count_global = "email-reset_count_global" g.cache.add(reset_count_global, 0, time=3600) if g.cache.incr(reset_count_global) > 1000: raise ValueError( "Somebody's beating the hell out of the password reset box") token = PasswordResetToken._new(user) base = g.https_endpoint or g.origin passlink = base + '/resetpassword/' + token._id g.log.info("Generated password reset link: " + passlink) _system_email( user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD, user=user, ) return True
def password_email(user): key = passhash(random.randint(0, 1000), user.email) passlink = 'http://' + g.domain + '/resetpassword/' + key cache.set("reset_%s" % key, user._id, time=1800) simple_email( user.email, '*****@*****.**', 'lesswrong.com password reset', PasswordReset(user=user, passlink=passlink).render(style='email'))
def password_email(user): """For resetting a user's password.""" from r2.lib.pages import PasswordReset token = make_reset_token(PasswordResetToken, user, issue_limit=3) if not token: return False passlink = token.make_token_url() if not passlink: return False g.log.info("Generated %s: %s for user %s", PasswordResetToken.__name__, passlink, user.name) signer = MessageSigner(g.secrets["outbound_url_secret"]) signature = base64.urlsafe_b64encode( signer.make_signature(_force_unicode(passlink), max_age=timedelta(days=180))) _system_email( user.email, PasswordReset( user=user, passlink=passlink, signature=signature, ).render(style='email'), Email.Kind.RESET_PASSWORD, reply_to=g.support_email, user=user, ) return True
def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset reset_count_key = "email-reset_count_%s" % user._id g.cache.add(reset_count_key, 0, time=3600 * 12) if g.cache.incr(reset_count_key) > 3: return False reset_count_global = "email-reset_count_global" g.cache.add(reset_count_global, 0, time=3600) if g.cache.incr(reset_count_global) > 1000: raise ValueError( "Somebody's beating the hell out of the password reset box") key = passhash(randstr(64, reallyrandom=True), user.email) passlink = 'http://' + g.domain + '/resetpassword/' + key g.log.info("Generated password reset link: " + passlink) g.hardcache.set("email-reset_%s" % key, user._id, time=3600 * 12) _system_email( user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD) return True
def password_email(user): key = passhash(random.randint(0, 1000), user.email) passlink = 'http://' + g.domain + '/resetpassword/' + key cache.set("reset_%s" % key, user._id, time=1800) simple_email( user.email, '*****@*****.**', '%s password reset' % g.front_page_title, PasswordReset(user=user, passlink=passlink).render(style='email'))
def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset key = passhash(randstr(64, reallyrandom = True), user.email) passlink = 'http://' + g.domain + '/resetpassword/' + key print "Generated password reset link: " + passlink g.cache.set("reset_%s" %key, user._id, time=1800) _system_email(user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD)