Mercurial > kallithea
changeset 1417:5875955def39 beta
fixes #223 improve password reset form
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Mon, 04 Jul 2011 10:59:01 +0200 |
| parents | 677408ee9355 |
| children | b097c4e328a2 |
| files | rhodecode/config/routing.py rhodecode/controllers/login.py rhodecode/lib/celerylib/tasks.py rhodecode/lib/smtp_mailer.py rhodecode/model/db.py rhodecode/model/user.py rhodecode/public/css/style.css rhodecode/templates/base/base.html rhodecode/templates/password_reset.html rhodecode/templates/password_reset_confirmation.html |
| diffstat | 9 files changed, 93 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/config/routing.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/config/routing.py Mon Jul 04 10:59:01 2011 +0200 @@ -294,6 +294,10 @@ rmap.connect('reset_password', '%s/password_reset' % ADMIN_PREFIX, controller='login', action='password_reset') + rmap.connect('reset_password_confirmation', + '%s/password_reset_confirmation' % ADMIN_PREFIX, + controller='login', action='password_reset_confirmation') + #FEEDS rmap.connect('rss_feed_home', '/{repo_name:.*}/feed/rss', controller='feed', action='rss',
--- a/rhodecode/controllers/login.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/controllers/login.py Mon Jul 04 10:59:01 2011 +0200 @@ -129,8 +129,8 @@ password_reset_form = PasswordResetForm()() try: form_result = password_reset_form.to_python(dict(request.POST)) - user_model.reset_password(form_result) - h.flash(_('Your new password was sent'), + user_model.reset_password_link(form_result) + h.flash(_('Your password reset link was sent'), category='success') return redirect(url('login_home')) @@ -144,6 +144,23 @@ return render('/password_reset.html') + def password_reset_confirmation(self): + + if request.GET and request.GET.get('key'): + try: + user_model = UserModel() + user = User.get_by_api_key(request.GET.get('key')) + data = dict(email=user.email) + user_model.reset_password(data) + h.flash(_('Your password reset was successful, ' + 'new password has been sent to your email'), + category='success') + except Exception, e: + log.error(e) + return redirect(url('reset_password')) + + return redirect(url('login_home')) + def logout(self): del session['rhodecode_user'] session.save()
--- a/rhodecode/lib/celerylib/tasks.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/lib/celerylib/tasks.py Mon Jul 04 10:59:01 2011 +0200 @@ -34,7 +34,7 @@ from operator import itemgetter from string import lower -from pylons import config +from pylons import config, url from pylons.i18n.translation import _ from rhodecode.lib import LANGUAGES_EXTENSIONS_MAP, safe_str @@ -249,6 +249,45 @@ log.info('LockHeld') return 'Task with key %s already running' % lockkey +@task(ignore_result=True) +def send_password_link(user_email): + try: + log = reset_user_password.get_logger() + except: + log = logging.getLogger(__name__) + + from rhodecode.lib import auth + from rhodecode.model.db import User + + try: + sa = get_session() + user = sa.query(User).filter(User.email == user_email).scalar() + + if user: + link = url('reset_password_confirmation', key=user.api_key, + qualified=True) + tmpl = """ +Hello %s + +We received a request to create a new password for your account. + +You can generate it by clicking following URL: + +%s + +If you didn't request new password please ignore this email. + """ + run_task(send_email, user_email, + "RhodeCode password reset link", + tmpl % (user.short_contact, link)) + log.info('send new password mail to %s', user_email) + + except: + log.error('Failed to update user password') + log.error(traceback.format_exc()) + return False + + return True @task(ignore_result=True) def reset_user_password(user_email): @@ -280,8 +319,8 @@ sa.rollback() run_task(send_email, user_email, - "Your new rhodecode password", - 'Your new rhodecode password:%s' % (new_passwd)) + "Your new RhodeCode password", + 'Your new RhodeCode password:%s' % (new_passwd)) log.info('send new password mail to %s', user_email) except:
--- a/rhodecode/lib/smtp_mailer.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/lib/smtp_mailer.py Mon Jul 04 10:59:01 2011 +0200 @@ -74,13 +74,19 @@ date_ = formatdate(localtime=True) msg = MIMEMultipart() + msg.set_type('multipart/alternative') + msg.preamble = 'You will not see this in a MIME-aware mail reader.\n' + + text_msg = MIMEText(body) + text_msg.set_type('text/plain') + text_msg.set_param('charset', 'UTF-8') + msg['From'] = self.mail_from msg['To'] = ','.join(recipients) msg['Date'] = date_ msg['Subject'] = subject - msg.preamble = 'You will not see this in a MIME-aware mail reader.\n' - msg.attach(MIMEText(body)) + msg.attach(text_msg) if attachment_files: self.__atach_files(msg, attachment_files)
--- a/rhodecode/model/db.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/model/db.py Mon Jul 04 10:59:01 2011 +0200 @@ -243,6 +243,11 @@ else: return Session.query(cls).filter(cls.username == username).one() + @classmethod + def get_by_api_key(cls, api_key): + return Session.query(cls).filter(cls.api_key == api_key).one() + + def update_lastlogin(self): """Update user lastlogin"""
--- a/rhodecode/model/user.py Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/model/user.py Mon Jul 04 10:59:01 2011 +0200 @@ -213,6 +213,10 @@ self.sa.rollback() raise + def reset_password_link(self, data): + from rhodecode.lib.celerylib import tasks, run_task + run_task(tasks.send_password_link, data['email']) + def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task run_task(tasks.reset_user_password, data['email'])
--- a/rhodecode/public/css/style.css Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/public/css/style.css Mon Jul 04 10:59:01 2011 +0200 @@ -198,7 +198,8 @@ -moz-border-radius: 0px 0px 8px 8px; border-radius: 0px 0px 8px 8px; height:37px; -background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367 +background:url("../images/header_inner.png") repeat-x scroll 0 0 #003367; +box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6); } #header ul#logged-user li { @@ -1383,6 +1384,13 @@ margin-left: -16px; width: 281px; border-radius: 0 0 8px 8px; +box-shadow: 0 2px 2px rgba(0, 0, 0, 0.6); +} + +#quick_login .password_forgoten{ +padding-right:10px; +padding-top:10px; +float:left; } #quick_login div.form div.fields{
--- a/rhodecode/templates/base/base.html Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/templates/base/base.html Mon Jul 04 10:59:01 2011 +0200 @@ -30,7 +30,7 @@ </div> <div class="buttons"> - ${h.submit('sign_in','Sign In',class_="ui-button")} + <div class="password_forgoten">${h.link_to(_('Forgot password ?'),h.url('reset_password'))}</div>${h.submit('sign_in','Sign In',class_="ui-button")} </div> </div> </div>
--- a/rhodecode/templates/password_reset.html Sat Jul 02 19:16:39 2011 +0200 +++ b/rhodecode/templates/password_reset.html Mon Jul 04 10:59:01 2011 +0200 @@ -28,7 +28,7 @@ <div class="buttons"> <div class="nohighlight"> ${h.submit('send','Reset my password',class_="ui-button")} - <div class="activation_msg">${_('Your new password will be send to matching email address')}</div> + <div class="activation_msg">${_('Password reset link will be send to matching email address')}</div> </div> </div> </div>