fixed recover password

shuffman
2008-06-26 13:28:56 -07:00
parent 622d11e1a8
commit c85295342a
12 changed files with 66 additions and 47 deletions


@@ -846,21 +846,22 @@ class ApiController(RedditController):
emailer.password_email(user)
res._success()
@Json
@validate(uid = VCacheKey('reset', 'key'),
@validate(user = VCacheKey('reset', ('key', 'name')),
key= nop('key'),
password = VPassword(['passwd', 'passwd2']))
def POST_resetpassword(self, res, uid, key, password):
def POST_resetpassword(self, res, user, key, password):
res._update('status', innerHTML = '')
if res._chk_error(errors.BAD_PASSWORD):
res._focus('passwd')
elif res._chk_error(errors.BAD_PASSWORD_MATCH):
res._focus('passwd2')
else:
user = Account._byID(uid, data=True)
change_password(user, user.password, password)
elif errors.BAD_USERNAME in c.errors:
cache.delete(str('reset_%s' % key))
return res._redirect('/password')
elif user:
cache.delete(str('reset_%s' % key))
change_password(user, password)
self._login(res, user, '/resetpassword')
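Review bot: The new `if`/`elif` chain in POST_resetpassword has no final branch, so as far as the hunk shows, a request whose key resolves to no account (`user` falsy, e.g. an expired or unknown key) falls through without an error or redirect reaching the client. Adding `else: return res._redirect('/password')` after the `elif user:` branch would send that case back to the start of the recovery flow, as the BAD_USERNAME branch already does. A short comment on the BAD_USERNAME branch, such as `# a wrong username consumes the reset key on purpose`, would also record why `cache.delete` runs there. The handler may continue past the last line shown.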


@@ -63,9 +63,9 @@ class FrontController(RedditController):
"""The 'what is my password' page"""
return BoringPage(_("password"), content=Password()).render()
@validate(uid = VCacheKey('reset', 'key'),
@validate(user = VCacheKey('reset', ('key', 'name')),
key = nop('key'))
def GET_resetpassword(self, uid, key):
def GET_resetpassword(self, user, key):
"""page hit once a user has been sent a password reset email
to verify their identity before allowing them to update their
password."""
@@ -73,7 +73,7 @@ class FrontController(RedditController):
if not key and request.referer:
referer_path = request.referer.split(c.domain)[-1]
done = referer_path.startswith(request.fullpath)
elif not uid:
elif not user:
return self.abort404()
return BoringPage(_("reset password"),
content=ResetPassword(key=key, done=done)).render()


@@ -1,4 +1,4 @@
# "The contents of this file are subject to the Common Public Attribution
# The contents of this file are subject to the Common Public Attribution
# License Version 1.0. (the "License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
# http://code.reddit.com/LICENSE. The License is based on the Mozilla Public


@@ -583,10 +583,17 @@ class VCacheKey(Validator):
self.cache_prefix = cache_prefix
Validator.__init__(self, param, *a, **kw)
def run(self, key):
def run(self, key, name):
if key:
val = cache.get(str(self.cache_prefix + "_" + key))
if val: return val
uid = cache.get(str(self.cache_prefix + "_" + key))
try:
a = Account._byID(uid, data = True)
except NotFound:
return None
if name and a.name.lower() != name.lower():
c.errors.add(errors.BAD_USERNAME)
if a:
return a
c.errors.add(errors.EXPIRED)
class VOneOf(Validator):
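Review bot: The username comparison in VCacheKey.run is guarded by `if name and ...`, so a request that omits `name` or sends it empty skips the check and the account is returned on the key alone; POST_resetpassword then changes the password without the username ever being confirmed. GET_resetpassword uses the same validator and legitimately has no name, so the requirement belongs on the POST side, for example through a new validator option (say `require_name`) with `if require_name and not name: c.errors.add(errors.BAD_USERNAME)`. Separately, `except NotFound: return None` returns before `c.errors.add(errors.EXPIRED)`, so if `Account._byID` raises NotFound when the cache lookup yields nothing (its behaviour is not visible here), the EXPIRED error the reset template displays would never be set. The start of the class lies above the hunk.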


@@ -1,4 +1,4 @@
# "The contents of this file are subject to the Common Public Attribution
# The contents of this file are subject to the Common Public Attribution
# License Version 1.0. (the "License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
# http://code.reddit.com/LICENSE. The License is based on the Mozilla Public
@@ -21,7 +21,7 @@
################################################################################
from email.MIMEText import MIMEText
from pylons import c,g
from pages import Password_Reset
from pages import PasswordReset
from r2.models.account import passhash
from r2.config import cache
import os, random
@@ -68,5 +68,5 @@ def password_email(user):
cache.set("reset_%s" %key, user._id, time=1800)
simple_email(user.email, 'reddit@reddit.com',
'reddit.com password reset',
Password_Reset(user=user, passlink=passlink).render())
PasswordReset(user=user, passlink=passlink).render(style='email'))


@@ -631,7 +631,7 @@ class Password(Wrapped):
def __init__(self, success=False):
Wrapped.__init__(self, success = success)
class Password_Reset(Wrapped):
class PasswordReset(Wrapped):
"""Template for generating an email to the user who wishes to
reset their password (step 2 of password recovery, after they have
entered their user name in Password.)"""
@@ -641,8 +641,7 @@ class ResetPassword(Wrapped):
"""Form for actually resetting a lost password, after the user has
clicked on the link provided to them in the Password_Reset email
(step 3 of password recovery.)"""
def __init__(self, key=''):
Wrapped.__init__(self, key = key)
pass
class Captcha(Wrapped):
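Review bot: The ResetPassword docstring still refers to the `Password_Reset email`, but this commit renames that class to PasswordReset; the line should read `clicked on the link provided to them in the PasswordReset email`. With `__init__` removed, ResetPassword appears to rely on Wrapped accepting the `key` and `done` keywords that GET_resetpassword passes, which is worth a one-line comment such as `# key and done are passed straight through to Wrapped` in place of the bare `pass`.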


@@ -247,13 +247,10 @@ def passhash(username, password, salt = ''):
tohash = '%s%s %s' % (salt, username, password)
return salt + sha.new(tohash).hexdigest()
def change_password(user, password, newpassword):
if valid_password(user, password):
user.password = passhash(user.name, newpassword)
user._commit()
return True
return False
def change_password(user, newpassword):
user.password = passhash(user.name, newpassword, True)
user._commit()
return True
#TODO reset the cache
def register(name, password):
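Review bot: change_password no longer checks the current password and always returns True, so every caller is now responsible for authorising the change itself; any caller outside this page that relied on the old `valid_password` check or on a False return needs to be audited. A docstring would make the new contract explicit, e.g. `"""Set a new password unconditionally; the caller must already have verified the old password or a reset key."""`. The third argument `True` passed to passhash is presumably handled at the top of passhash, which lies above the hunk; judging by the two visible lines alone, `salt + sha.new(tohash).hexdigest()` would fail for a boolean salt, so that is worth confirming.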


@@ -1207,6 +1207,11 @@ a.star { text-decoration: none; color: #ff8b60 }
.pretty-form.long-text textarea,
.pretty-form.long-text input[type=password] {padding: 2px; width: 40em }
/*forgot password*/
#passform h1 { margin: 0px; }
#passform p { font-size: smaller; color: orangered; margin-bottom: 7px}
#passform.pretty-form button { padding: 0px 1px; }
.prefleft { padding: 10px; font-weight: bold; vertical-align: top}
.prefright { padding: 10px }


@@ -1,4 +1,4 @@
## "The contents of this file are subject to the Common Public Attribution
## The contents of this file are subject to the Common Public Attribution
## License Version 1.0. (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License at
## http://code.reddit.com/LICENSE. The License is based on the Mozilla Public


@@ -1,4 +1,4 @@
## "The contents of this file are subject to the Common Public Attribution
## The contents of this file are subject to the Common Public Attribution
## License Version 1.0. (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License at
## http://code.reddit.com/LICENSE. The License is based on the Mozilla Public
@@ -21,27 +21,28 @@
################################################################################
<%namespace file="utils.html" import="error_field, success_field"/>
<h2>${_("what's my password?")}</h2>
<p>
${_("enter your user name below to receive your login information")}
</p>
${success_field(_('you should receive an email shortly'),
successful=thing.success, hide='passform')}
<form id="passform" action="/post/password" method="post" class="content"
<form id="passform" action="/api/password" method="post"
class="content pretty-form medium-text"
onsubmit="return post_form(this, 'password');">
<h1>${_("what's my password?")}</h1>
<p> ${_("enter your user name below to receive your login information")}</p>
<table>
<tr>
<td id="uname_password">
${_("username")}:
<td>
<label for="name">${_("username")}</label>
</td>
<td id="name_password">
<td>
<input type="text" id="name" name="name" />
</td>
<td>
<input id="submit_password" type="submit"
class="btn" value="${_('email me')}" />
<button type="submit" class="btn">${_("email me")}</button>
</td>
</tr>
<tr>
<td colspan="2">
<span class="error" id="status"></span>
${error_field("USER_DOESNT_EXIST", "span")}
${error_field("NO_EMAIL_FOR_USER", "span")}


@@ -1,4 +1,4 @@
## "The contents of this file are subject to the Common Public Attribution
## The contents of this file are subject to the Common Public Attribution
## License Version 1.0. (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License at
## http://code.reddit.com/LICENSE. The License is based on the Mozilla Public


@@ -1,4 +1,4 @@
## "The contents of this file are subject to the Common Public Attribution
## The contents of this file are subject to the Common Public Attribution
## License Version 1.0. (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License at
## http://code.reddit.com/LICENSE. The License is based on the Mozilla Public
@@ -25,17 +25,26 @@
%if thing.done:
<p class="error">your password has been reset and you've been logged in. Go use the site!</p>
%else:
<h2>reset your password</h2>
${error_field("EXPIRED", 'p')}
<form id="chpass" method="post" action="/post/resetpassword"
onsubmit="return post_form(this,'resetpassword')">
<form id="chpass" method="post" action="/api/resetpassword"
onsubmit="return post_form(this,'resetpassword')"
class="pretty-form">
<h1>reset your password</h1>
<input type="hidden" name="key" value="${thing.key}"/>
<table>
<tr>
<td>
${_('new password')}:
${_("username")}
</td>
<td>
<input class="logtxt" name="name"
id="name" type="text"/>
</td>
</tr>
<tr>
<td>
${_("new password")}
</td>
<td>
<input class="logtxt" name="passwd"
@@ -47,7 +56,7 @@ ${error_field("EXPIRED", 'p')}
</tr>
<tr>
<td>
${_('verify password')}:
${_("verify password")}
</td>
<td>
<input class="logtxt" name="passwd2"