Diffstat (limited to 'app.py')
-rw-r--r-- | app.py | 52 |
1 files changed, 51 insertions, 1 deletions
@@ -104,6 +104,55 @@ def register_complete(token):
 }
+@app.route('/lost_password', methods=['GET', 'POST'])
+@templated('lost_password.html')
+@logout_required
+def lost_password():
+ form = LostPasswordForm(request.form)
+ if request.method == 'POST' and form.validate():
+ #TODO: make the link only usable once (e.g include a hash of the old pw)
+ # atm the only thing we do is make the link valid for only little time
+ confirm_token = make_confirmation('lost_password', (form.username.data,))
+ confirm_link = url_for('lost_password_complete', token=confirm_token, _external=True)
+
+ body = render_template('mail/lost_password.txt', username=form.username.data,
+ link=confirm_link)
+
+ send_mail(form.user.mail, u'Passwort vergessen', body,
+ sender=app.config.get('MAIL_CONFIRM_SENDER'))
+
+ flash(u'Wir haben dir eine E-Mail mit einem Link zum Passwort ändern '
+ u'geschickt. Bitte folge den Anweisungen in der E-Mail.', 'success')
+
+ return redirect(url_for('index'))
+
+ return {'form': form}
+
+
+@app.route('/lost_password/<token>', methods=['GET', 'POST'])
+@templated('lost_password_complete.html')
+@logout_required
+def lost_password_complete(token):
+ username, = http_verify_confirmation('lost_password', token.encode('ascii'), timeout=4*60*60)
+
+ form = RegisterCompleteForm(request.form)
+ if request.method == 'POST' and form.validate():
+ user = g.ldap.get_by_uid(username)
+ user.change_password(form.password.data)
+ g.ldap.update(user, as_admin=True)
+
+ session['username'] = username
+ session['password'] = encrypt_password(form.password.data)
+ flash(u'Passwort geändert.', 'success')
+
+ return redirect(url_for('settings'))
+
+ return {
+ 'form': form,
+ 'token': token,
+ 'username': username,
+ }
+
 @app.route('/settings', methods=['GET', 'POST'])
 @templated('settings.html')
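Review bot: The reset token accepted by `lost_password_complete` stays valid for the whole `timeout=4*60*60` window even after it has been used, and a successful POST both rewrites the LDAP password with `as_admin=True` and sets `session['username']`, so anyone who later obtains the link (mail logs, browser history, a forwarded message) can take the account over again after the owner has already reset it. The TODO in `lost_password` names this, but the commit ships without it; binding the token to state that changes on reset would close the gap, e.g. `make_confirmation('lost_password', (form.username.data, pw_digest))` where `pw_digest` is a placeholder for a digest of the user's current stored password hash, with `lost_password_complete` rejecting the token once that digest no longer matches. Separately, `token.encode('ascii')` runs before verification, so a non-ASCII token probably surfaces as an unhandled `UnicodeEncodeError` instead of the error response `http_verify_confirmation` would produce, and the result of `g.ldap.get_by_uid(username)` is used without checking that the account still exists.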
@@ -186,7 +235,8 @@ def debug():
 # we need the app to exist before initializing the forms
-from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm
+from forms import RegisterForm, RegisterCompleteForm, LoginForm, SettingsForm,\
+ LostPasswordForm
 if __name__ == '__main__': |