Fix for forgot my password.

2026-02-05 10:53:28 -05:00 · 2016-01-27 18:01:43 +00:00
parent 91bd3e9fdb
commit ca8d78aee5
5 changed files with 25 additions and 14 deletions
--- a/app/main/dao/users_dao.py
+++ b/app/main/dao/users_dao.py
@@ -52,10 +52,9 @@ def is_email_unique(email_address):
    return True


-def request_password_reset(email):
-    user = get_user_by_email(email)
+def request_password_reset(user):
    user.state = 'request_password_reset'
-    # TODO update user
+    user_api_client.update_user(user)


 def send_verify_code(user_id, code_type, to=None):
--- a/app/main/forms.py
+++ b/app/main/forms.py
@@ -221,8 +221,17 @@ class TemplateForm(Form):


 class ForgotPasswordForm(Form):
+
+    def __init__(self, user_email_exists_func, *args, **kwargs):
+        self._user_email_exists_func = user_email_exists_func
+        super(ForgotPasswordForm, self).__init__(*args, **kwargs)
+
    email_address = email_address()

+    def validate_email_address(self, field):
+        if not self._user_email_exists_func(field.data):
+            raise ValidationError('The email is not registered on our system')
+

 class NewPasswordForm(Form):
    new_password = password()
--- a/app/main/views/forgot_password.py
+++ b/app/main/views/forgot_password.py
@@ -7,13 +7,15 @@ from app.notify_client.sender import send_change_password_email

@main.route('/forgot-password', methods=['GET', 'POST'])
 def forgot_password():
-    form = ForgotPasswordForm()
+
+    def _email_exists(email):
+        return not users_dao.is_email_unique(email)
+
+    form = ForgotPasswordForm(_email_exists)
    if form.validate_on_submit():
-        if users_dao.get_user_by_email(form.email_address.data):
-            users_dao.request_password_reset(form.email_address.data)
-            send_change_password_email(form.email_address.data)
-            return render_template('views/password-reset-sent.html')
-        else:
-            current_app.logger.info('The email address used does not exist.')
-    else:
-        return render_template('views/forgot-password.html', form=form)
+        user = users_dao.get_user_by_email(form.email_address.data)
+        users_dao.request_password_reset(user)
+        send_change_password_email(form.email_address.data)
+        return render_template('views/password-reset-sent.html')
+
+    return render_template('views/forgot-password.html', form=form)
--- a/app/main/views/user_profile.py
+++ b/app/main/views/user_profile.py
@@ -186,7 +186,7 @@ def user_profile_password():

    # Validate password for form
    def _check_password(pwd):
-        return verify_password(current_user, pwd)
+        return verify_password(current_user.id, pwd)
    form = ChangePasswordForm(_check_password)

    if form.validate_on_submit():