def test_delete(): test_creation() ppr = PendingPasswordReset('abc') ppr.delete() assert not ppr.in_db ppr = PendingPasswordReset('abc') assert not ppr.in_db
def reset_password(username, code): """ Resets a user's password after they've clicked a link in an email we sent them, then serves up a page for them to change their password. Not part of the documented API. """ ppr = PendingPasswordReset(username) if not ppr.in_db: return "No such user account", 404, PLAINTEXT_HEADER if ppr.age > timedelta(days=PASSWORD_RESET_DAYS): return "Request not valid", 410, PLAINTEXT_HEADER if ppr.verify_code != code: return "Invalid verification code", 403, PLAINTEXT_HEADER log_action('resetting user password', ppr) from libnemesis import srusers new_pass = srusers.users.GenPasswd() u = User(username) u.set_password(new_pass) # No need to save since set_password happens immediately ppr.delete() html = open(PATH + "/templates/password_reset.html").read() replacements = { 'first_name': u.first_name, 'last_name': u.last_name, 'password': new_pass, 'username': username, 'root': url_for('.index') } html = html.format(**replacements) return html, 200, CSP_HEADER
def reset_password(username, code): """ Resets a user's password after they've clicked a link in an email we sent them, then serves up a page for them to change their password. Not part of the documented API. """ ppr = PendingPasswordReset(username) if not ppr.in_db: return "No such user account", 404, PLAINTEXT_HEADER if ppr.age > timedelta(days = PASSWORD_RESET_DAYS): return "Request not valid", 410, PLAINTEXT_HEADER if ppr.verify_code != code: return "Invalid verification code", 403, PLAINTEXT_HEADER log_action('resetting user password', ppr) from libnemesis import srusers new_pass = srusers.users.GenPasswd() u = User(username) u.set_password(new_pass) # No need to save since set_password happens immediately ppr.delete() html = open(PATH + "/templates/password_reset.html").read() replacements = { 'first_name': u.first_name , 'last_name': u.last_name , 'password': new_pass , 'username': username , 'root': url_for('.index') } html = html.format(**replacements) return html, 200, CSP_HEADER