fixes #223 improve password reset form
marcink -
r1417:5875955d beta
1 NO CONTENT: new file 100644
@@ -294,6 +294,10 b' def make_map(config):'
294 294 rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX,
295 295 controller='login', action='password_reset')
296 296
297 rmap.connect('reset_password_confirmation',
298 '%s/password_reset_confirmation' % ADMIN_PREFIX,
299 controller='login', action='password_reset_confirmation')
300
297 301 #FEEDS
298 302 rmap.connect('rss_feed_home', '/{repo_name:.*}/feed/rss',
299 303 controller='feed', action='rss',
@@ -129,8 +129,8 b' class LoginController(BaseController):'
129 129 password_reset_form = PasswordResetForm()()
130 130 try:
131 131 form_result = password_reset_form.to_python(dict(request.POST))
132 user_model.reset_password(form_result)
133 h.flash(_('Your new password was sent'),
132 user_model.reset_password_link(form_result)
133 h.flash(_('Your password reset link was sent'),
134 134 category='success')
135 135 return redirect(url('login_home'))
136 136
@@ -144,6 +144,23 b' class LoginController(BaseController):'
144 144
145 145 return render('/password_reset.html')
146 146
147 def password_reset_confirmation(self):
148
149 if request.GET and request.GET.get('key'):
150 try:
151 user_model = UserModel()
152 user = User.get_by_api_key(request.GET.get('key'))
153 data = dict(email=user.email)
154 user_model.reset_password(data)
155 h.flash(_('Your password reset was successful, '
156 'new password has been sent to your email'),
157 category='success')
158 except Exception, e:
159 log.error(e)
160 return redirect(url('reset_password'))
161
162 return redirect(url('login_home'))
163
147 164 def logout(self):
148 165 del session['rhodecode_user']
149 166 session.save()
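Review bot: `password_reset_confirmation` accepts the account's API key from `request.GET.get('key')` as the reset token, and `send_password_link` in the tasks section puts `user.api_key` into the mailed URL (with `User.get_by_api_key` doing the lookup), so a long-lived credential ends up in mail, server logs and browser history. No expiry or single-use check is visible in these hunks, and whether the key is rotated by the reset is outside the shown lines; a dedicated random token stored with an expiry and invalidated on first use would keep the API key out of the link. The reset also fires on a plain GET, so anything that fetches the link automatically (a mail scanner or link previewer) would change the password; rendering a confirmation form that POSTs the token avoids that. The `except Exception, e: log.error(e)` branch redirects without a flash message, so an invalid key fails silently for the user.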
@@ -34,7 +34,7 b' from time import mktime'
34 34 from operator import itemgetter
35 35 from string import lower
36 36
37 from pylons import config
37 from pylons import config, url
38 38 from pylons.i18n.translation import _
39 39
40 40 from rhodecode.lib import LANGUAGES_EXTENSIONS_MAP, safe_str
@@ -249,6 +249,45 b' def get_commits_stats(repo_name, ts_min_'
249 249 log.info('LockHeld')
250 250 return 'Task with key %s already running' % lockkey
251 251
252 @task(ignore_result=True)
253 def send_password_link(user_email):
254 try:
255 log = reset_user_password.get_logger()
256 except:
257 log = logging.getLogger(__name__)
258
259 from rhodecode.lib import auth
260 from rhodecode.model.db import User
261
262 try:
263 sa = get_session()
264 user = sa.query(User).filter(User.email == user_email).scalar()
265
266 if user:
267 link = url('reset_password_confirmation', key=user.api_key,
268 qualified=True)
269 tmpl = """
270 Hello %s
271
272 We received a request to create a new password for your account.
273
274 You can generate it by clicking following URL:
275
276 %s
277
278 If you didn't request new password please ignore this email.
279 """
280 run_task(send_email, user_email,
281 "RhodeCode password reset link",
282 tmpl % (user.short_contact, link))
283 log.info('send new password mail to %s', user_email)
284
285 except:
286 log.error('Failed to update user password')
287 log.error(traceback.format_exc())
288 return False
289
290 return True
252 291
253 292 @task(ignore_result=True)
254 293 def reset_user_password(user_email):
@@ -280,8 +319,8 b' def reset_user_password(user_email):'
280 319 sa.rollback()
281 320
282 321 run_task(send_email, user_email,
283 "Your new rhodecode password",
284 'Your new rhodecode password:%s' % (new_passwd))
322 "Your new RhodeCode password",
323 'Your new RhodeCode password:%s' % (new_passwd))
285 324 log.info('send new password mail to %s', user_email)
286 325
287 326 except:
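Review bot: In `send_password_link` the logger is taken from `reset_user_password.get_logger()` and the failure path logs `'Failed to update user password'`, both apparently copied from the neighbouring task, so failures are attributed to the wrong task; `send_password_link.get_logger()` and `log.error('Failed to send password reset link')` would match what this task does. The success line `log.info('send new password mail to %s', user_email)` is misleading for the same reason, since only a link is sent at this point. The bare `except:` clauses also catch `SystemExit` and `KeyboardInterrupt`; `except Exception:` is enough here. Separately, the last hunk keeps mailing the new password in clear text (`'Your new RhodeCode password:%s' % (new_passwd)`); the body of `reset_user_password` is mostly outside the hunk, so whether a forced change at next login exists cannot be judged from here.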
@@ -74,13 +74,19 b' class SmtpMailer(object):'
74 74
75 75 date_ = formatdate(localtime=True)
76 76 msg = MIMEMultipart()
77 msg.set_type('multipart/alternative')
78 msg.preamble = 'You will not see this in a MIME-aware mail reader.\n'
79
80 text_msg = MIMEText(body)
81 text_msg.set_type('text/plain')
82 text_msg.set_param('charset', 'UTF-8')
83
77 84 msg['From'] = self.mail_from
78 85 msg['To'] = ','.join(recipients)
79 86 msg['Date'] = date_
80 87 msg['Subject'] = subject
81 msg.preamble = 'You will not see this in a MIME-aware mail reader.\n'
82 88
83 msg.attach(MIMEText(body))
89 msg.attach(text_msg)
84 90
85 91 if attachment_files:
86 92 self.__atach_files(msg, attachment_files)
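Review bot: `text_msg.set_param('charset', 'UTF-8')` only relabels the part; `MIMEText(body)` has already built the payload with its default charset, so a body containing non-ASCII text may be declared UTF-8 without being encoded as such. Passing the charset to the constructor, `text_msg = MIMEText(body, 'plain', 'UTF-8')`, sets the label and the transfer encoding together and makes the two `set_*` calls on `text_msg` unnecessary. The container is also typed `multipart/alternative` while a single text part is attached and attachments may follow; if they go into the same container, `multipart/mixed` would be the matching type. The attach helper is outside this hunk, so this needs checking there.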
@@ -243,6 +243,11 b' class User(Base, BaseModel):'
243 243 else:
244 244 return Session.query(cls).filter(cls.username == username).one()
245 245
246 @classmethod
247 def get_by_api_key(cls, api_key):
248 return Session.query(cls).filter(cls.api_key == api_key).one()
249
250
246 251 def update_lastlogin(self):
247 252 """Update user lastlogin"""
248 253
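Review bot: `get_by_api_key` has no docstring and its failure mode is implicit: `.one()` raises when no row (or more than one) matches, which the new controller action only survives through its broad `except Exception`. A docstring such as `"""Return the user owning api_key; raises if no single user matches."""` would make that contract explicit for callers. The hunk also adds two blank lines before `update_lastlogin`, where the preceding method is separated by one.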
@@ -213,6 +213,10 b' class UserModel(BaseModel):'
213 213 self.sa.rollback()
214 214 raise
215 215
216 def reset_password_link(self, data):
217 from rhodecode.lib.celerylib import tasks, run_task
218 run_task(tasks.send_password_link, data['email'])
219
216 220 def reset_password(self, data):
217 221 from rhodecode.lib.celerylib import tasks, run_task
218 222 run_task(tasks.reset_user_password, data['email'])
@@ -198,7 +198,8 b' margin-bottom:5px !important;'
198 198 -moz-border-radius: 0px 0px 8px 8px;
199 199 border-radius: 0px 0px 8px 8px;
200 200 height:37px;
201 background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367
201 background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367;
202 box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6);
202 203 }
203 204
204 205 #header ul#logged-user li {
@@ -1383,6 +1384,13 b' position: absolute;'
1383 1384 margin-left: -16px;
1384 1385 width: 281px;
1385 1386 border-radius: 0 0 8px 8px;
1387 box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6);
1388 }
1389
1390 #quick_login .password_forgoten{
1391 padding-right:10px;
1392 padding-top:10px;
1393 float:left;
1386 1394 }
1387 1395
1388 1396 #quick_login div.form div.fields{
@@ -30,7 +30,7 b''
30 30
31 31 </div>
32 32 <div class="buttons">
33 ${h.submit('sign_in','Sign In',class_="ui-button")}
33 <div class="password_forgoten">${h.link_to(_('Forgot password ?'),h.url('reset_password'))}</div>${h.submit('sign_in','Sign In',class_="ui-button")}
34 34 </div>
35 35 </div>
36 36 </div>
@@ -28,7 +28,7 b''
28 28 <div class="buttons">
29 29 <div class="nohighlight">
30 30 ${h.submit('send','Reset my password',class_="ui-button")}
31 <div class="activation_msg">${_('Your new password will be send to matching email address')}</div>
31 <div class="activation_msg">${_('Password reset link will be send to matching email address')}</div>
32 32 </div>
33 33 </div>
34 34 </div>