feat(api): changed reset/set password endpoints

2021-08-05 11:01:02 +02:00 · 2021-08-05 11:01:02 +02:00 · f727072d4c
commit f727072d4c
parent 28401f2274
3 changed files with 9 additions and 27 deletions
--- a/api/chalicelib/blueprints/bp_core.py
+++ b/api/chalicelib/blueprints/bp_core.py
@ -502,15 +502,12 @@ def edit_gdpr(projectId, context):
    return {"data": projects.edit_gdpr(project_id=projectId, gdpr=data)}


-@app.route('/password/reset/{step}', methods=['PUT', 'POST'], authorizer=None)
-def reset_password_handler(step):
+@app.route('/password/reset-link', methods=['PUT', 'POST'], authorizer=None)
+def reset_password_handler():
    data = app.current_request.json_body
-    if step == "1":
-        if "email" not in data or len(data["email"]) < 5:
-            return {"errors": ["please provide a valid email address"]}
-        return reset_password.step1(data)
-    # elif step == "2":
-    #     return reset_password.step2(data)
+    if "email" not in data or len(data["email"]) < 5:
+        return {"errors": ["please provide a valid email address"]}
+    return reset_password.reset(data)


@app.route('/{projectId}/metadata', methods=['GET'])
--- a/api/chalicelib/blueprints/bp_core_dynamic.py
+++ b/api/chalicelib/blueprints/bp_core_dynamic.py
@ -375,7 +375,7 @@ def process_invitation_link():
                 'Content-Type': 'text/plain'})


-@app.route('/users/invitation/password', methods=['POST', 'PUT'], authorizer=None)
+@app.route('/password/reset', methods=['POST', 'PUT'], authorizer=None)
 def change_password_by_invitation():
    data = app.current_request.json_body
    if data is None or len(data.get("invitation", "")) < 64 or len(data.get("pass", "")) < 8:
--- a/api/chalicelib/core/reset_password.py
+++ b/api/chalicelib/core/reset_password.py
@ -1,13 +1,9 @@
-import chalicelib.utils.TimeUTC
 from chalicelib.utils import email_helper, captcha, helper
-import secrets
-from chalicelib.utils import pg_client
-
 from chalicelib.core import users


-def step1(data):
-    print("====================== reset password 1 ===============")
+def reset(data):
+    print("====================== reset password ===============")
    print(data)
    if helper.allow_captcha() and not captcha.is_valid(data["g-recaptcha-response"]):
        print("error: Invalid captcha.")
@ -21,20 +17,9 @@ def step1(data):
        return {"errors": ["multiple users, please contact our support"]}
    elif len(a_users) == 1:
        a_users = a_users[0]
-        invitation_link=users.generate_new_invitation(user_id=a_users["id"])
+        invitation_link = users.generate_new_invitation(user_id=a_users["id"])
        email_helper.send_forgot_password(recipient=data["email"], invitation_link=invitation_link)
    else:
        print(f"invalid email address [{data['email']}]")
        return {"errors": ["invalid email address"]}
    return {"data": {"state": "success"}}
-
-
-# def step2(data):
-#     print("====================== change password 2 ===============")
-#     user = users.get_by_email_reset(data["email"], data["code"])
-#     if not user:
-#         print("error: wrong email or reset code")
-#         return {"errors": ["wrong email or reset code"]}
-#     users.update(tenant_id=user["tenantId"], user_id=user["id"],
-#                  changes={"token": None, "password": data["password"], "generatedPassword": False})
-#     return {"data": {"state": "success"}}