refactor(chalice): optimised forget password

2024-02-27 13:29:57 +01:00 · 2024-02-27 13:29:57 +01:00 · 20f9da5e84
commit 20f9da5e84
parent 4922adf5c9
2 changed files with 15 additions and 8 deletions
--- a/api/chalicelib/core/reset_password.py
+++ b/api/chalicelib/core/reset_password.py
@ -15,9 +15,9 @@ def reset(data: schemas.ForgetPasswordPayloadSchema, background_tasks: Backgroun
        return {"errors": ["Invalid captcha."]}
    if not smtp.has_smtp():
        return {"errors": ["no SMTP configuration found, you can ask your admin to reset your password"]}
-    a_users = users.get_by_email_only(data.email)
-    if a_users:
-        invitation_link = users.generate_new_invitation(user_id=a_users["userId"])
+    a_user = users.get_by_email_only(data.email)
+    if a_user:
+        invitation_link = users.generate_new_invitation(user_id=a_user["userId"])
        background_tasks.add_task(email_helper.send_forgot_password,
                                  recipient=data.email,
                                  invitation_link=invitation_link)
--- a/ee/api/chalicelib/core/reset_password.py
+++ b/ee/api/chalicelib/core/reset_password.py
@ -1,12 +1,17 @@
+import logging
+
 from decouple import config
+from fastapi import BackgroundTasks

 import schemas
 from chalicelib.core import users
 from chalicelib.utils import email_helper, captcha, helper, smtp

+logger = logging.getLogger(__name__)

-def reset(data: schemas.ForgetPasswordPayloadSchema):
-    print(f"====================== reset password {data.email}")
+
+def reset(data: schemas.ForgetPasswordPayloadSchema, background_tasks: BackgroundTasks):
+    logger.info(f"forget password request for: {data.email}")
    if helper.allow_captcha() and not captcha.is_valid(data.g_recaptcha_response):
        print("error: Invalid captcha.")
        return {"errors": ["Invalid captcha."]}
@ -19,9 +24,11 @@ def reset(data: schemas.ForgetPasswordPayloadSchema):
            return {"errors": ["Please use your SSO to login"]}
        if config("enforce_SSO", cast=bool, default=False) and not a_user["superAdmin"] and helper.is_saml2_available():
            return {"errors": ["Please use your SSO to login, enforced by admin"]}
-        # ----------
+
        invitation_link = users.generate_new_invitation(user_id=a_user["userId"])
-        email_helper.send_forgot_password(recipient=data.email, invitation_link=invitation_link)
+        background_tasks.add_task(email_helper.send_forgot_password,
+                                  recipient=data.email,
+                                  invitation_link=invitation_link)
    else:
-        print(f"!!!invalid email address [{data.email}]")
+        logger.warning(f"!!!invalid email address [{data.email}]")
    return {"data": {"state": "A reset link will be sent if this email exists in our system."}}