def post(self): site = GetSite() browser = detect(self.request) template_values = {} template_values['rnd'] = random.randrange(1, 100) template_values['site'] = site member = CheckAuth(self) l10n = GetMessages(self, member, site) template_values['l10n'] = l10n if member: template_values['member'] = member template_values['page_title'] = site.title + u' › 重新设置密码' # Verification: username & email username = self.request.get('username').strip().lower() email = self.request.get('email').strip().lower() q = db.GqlQuery("SELECT * FROM Member WHERE username_lower = :1 AND email = :2", username, email) if q.count() == 1: one = q[0] q2 = db.GqlQuery("SELECT * FROM PasswordResetToken WHERE timestamp > :1", (int(time.time()) - 86400)) if q2.count() > 2: error_message = '你不能在 24 小时内进行超过 2 次的密码重设操作。' template_values['errors'] = 1 template_values['error_message'] = error_message path = os.path.join(os.path.dirname(__file__), 'tpl', 'desktop', 'forgot.html') output = template.render(path, template_values) self.response.out.write(output) else: token = ''.join([str(random.randint(0, 9)) for i in range(32)]) prt = PasswordResetToken() prt.token = token prt.member = one prt.email = one.email prt.timestamp = int(time.time()) prt.put() mail_template_values = {} mail_template_values['site'] = site mail_template_values['one'] = one mail_template_values['host'] = self.request.headers['Host'] mail_template_values['token'] = token mail_template_values['ua'] = self.request.headers['User-Agent'] mail_template_values['ip'] = self.request.remote_addr path = os.path.join(os.path.dirname(__file__), 'tpl', 'mail', 'reset_password.txt') output = template.render(path, mail_template_values) result = mail.send_mail(sender="V2EX <*****@*****.**>", to= one.email, subject="=?UTF-8?B?" + base64.b64encode((u"[" + site.title + u"] 重新设置密码").encode('utf-8')) + "?=", body=output) path = os.path.join(os.path.dirname(__file__), 'tpl', 'desktop', 'forgot_sent.html') output = template.render(path, template_values) self.response.out.write(output) else: error_message = '无法找到匹配的用户名和邮箱记录' template_values['errors'] = 1 template_values['error_message'] = error_message path = os.path.join(os.path.dirname(__file__), 'tpl', 'desktop', 'forgot.html') output = template.render(path, template_values) self.response.out.write(output)
def post(self): site = GetSite() browser = detect(self.request) template_values = {} template_values["rnd"] = random.randrange(1, 100) template_values["site"] = site member = CheckAuth(self) l10n = GetMessages(self, member, site) template_values["l10n"] = l10n if member: template_values["member"] = member template_values["page_title"] = site.title + u" › 重新设置密码" # Verification: username & email username = self.request.get("username").strip().lower() email = self.request.get("email").strip().lower() q = db.GqlQuery("SELECT * FROM Member WHERE username_lower = :1 AND email = :2", username, email) if q.count() == 1: one = q[0] q2 = db.GqlQuery("SELECT * FROM PasswordResetToken WHERE timestamp > :1", (int(time.time()) - 86400)) if q2.count() > 2: error_message = "你不能在 24 小时内进行超过 2 次的密码重设操作。" template_values["errors"] = 1 template_values["error_message"] = error_message path = os.path.join(os.path.dirname(__file__), "tpl", "desktop", "forgot.html") output = template.render(path, template_values) self.response.out.write(output) else: token = "".join([str(random.randint(0, 9)) for i in range(32)]) prt = PasswordResetToken() prt.token = token prt.member = one prt.email = one.email prt.timestamp = int(time.time()) prt.put() mail_template_values = {} mail_template_values["site"] = site mail_template_values["one"] = one mail_template_values["host"] = self.request.headers["Host"] mail_template_values["token"] = token mail_template_values["ua"] = self.request.headers["User-Agent"] mail_template_values["ip"] = self.request.remote_addr path = os.path.join(os.path.dirname(__file__), "tpl", "mail", "reset_password.txt") output = template.render(path, mail_template_values) result = mail.send_mail( sender="V2EX <*****@*****.**>", to=one.email, subject="=?UTF-8?B?" + base64.b64encode((u"[" + site.title + u"] 重新设置密码").encode("utf-8")) + "?=", body=output, ) path = os.path.join(os.path.dirname(__file__), "tpl", "desktop", "forgot_sent.html") output = template.render(path, template_values) self.response.out.write(output) else: error_message = "无法找到匹配的用户名和邮箱记录" template_values["errors"] = 1 template_values["error_message"] = error_message path = os.path.join(os.path.dirname(__file__), "tpl", "desktop", "forgot.html") output = template.render(path, template_values) self.response.out.write(output)
def post(self): # Verification: username & email username = self.request.get('username').strip().lower() email = self.request.get('email').strip().lower() q = db.GqlQuery("SELECT * FROM Member WHERE username_lower = :1 AND email = :2", username, email) if q.count() == 1: one = q[0] q2 = db.GqlQuery("SELECT * FROM PasswordResetToken WHERE timestamp > :1 AND email = :2", (int(time.time()) - 86400), email) if q2.count() > 2: error_message = '您不能再24小時內重複2次設定密碼。' self.template_values['errors'] = 1 self.template_values['error_message'] = error_message path = os.path.join(os.path.dirname(__file__), 'tpl', 'desktop', 'forgot.html') output = template.render(path, self.template_values) self.response.out.write(output) else: token = ''.join([str(random.randint(0, 9)) for i in range(32)]) prt = PasswordResetToken() prt.token = token prt.member = one prt.email = one.email prt.timestamp = int(time.time()) prt.put() mail_template_values = {} mail_template_values['site'] = self.site mail_template_values['one'] = one mail_template_values['host'] = self.request.headers['Host'] mail_template_values['token'] = token mail_template_values['ua'] = self.request.headers['User-Agent'] mail_template_values['ip'] = self.request.remote_addr path = os.path.join(os.path.dirname(__file__), 'tpl', 'mail', 'reset_password.txt') output = template.render(path, mail_template_values) result = mail.send_mail(sender="*****@*****.**", to=one.email, subject="=?UTF-8?B?" + base64.b64encode((u"[" + self.site.title + u"] 重新设置密码").encode('utf-8')) + "?=", body=output) self.finalize(template_name='forgot_sent') else: error_message = '無法找到相符合的用戶名稱或電子郵件' self.template_values['errors'] = 1 self.template_values['error_message'] = error_message self.finalize(template_name='forgot')