mirror of
https://github.com/simple-login/app.git
synced 2024-09-28 20:51:29 +02:00
Add POST /api/auth/forgot_password
parent
ba6b8d2711
commit
f2d5230449
@ -796,6 +796,15 @@ Input:
|
|||||||
Output:
|
Output:
|
||||||
- 200: user is going to receive an email that contains the activation code.
|
- 200: user is going to receive an email that contains the activation code.
|
||||||
|
|
||||||
|
#### POST /api/auth/forgot_password
|
||||||
|
|
||||||
|
Input:
|
||||||
|
- email
|
||||||
|
|
||||||
|
Output:
|
||||||
|
- 200: user is going to receive an email to reset the password
|
||||||
|
- 400 if error (email not found)
|
||||||
|
|
||||||
#### GET /api/aliases
|
#### GET /api/aliases
|
||||||
|
|
||||||
Get user aliases.
|
Get user aliases.
|
||||||
|
@ -10,6 +10,7 @@ from itsdangerous import Signer
|
|||||||
from app import email_utils
|
from app import email_utils
|
||||||
from app.api.base import api_bp
|
from app.api.base import api_bp
|
||||||
from app.config import FLASK_SECRET, DISABLE_REGISTRATION
|
from app.config import FLASK_SECRET, DISABLE_REGISTRATION
|
||||||
|
from app.dashboard.views.setting import send_reset_password_email
|
||||||
from app.email_utils import (
|
from app.email_utils import (
|
||||||
can_be_used_as_personal_email,
|
can_be_used_as_personal_email,
|
||||||
email_already_used,
|
email_already_used,
|
||||||
@ -316,3 +317,31 @@ def auth_payload(user, device) -> dict:
|
|||||||
ret["api_key"] = api_key.code
|
ret["api_key"] = api_key.code
|
||||||
|
|
||||||
return ret
|
return ret
|
||||||
|
|
||||||
|
|
||||||
|
@api_bp.route("/auth/forgot_password", methods=["POST"])
|
||||||
|
@cross_origin()
|
||||||
|
def forgot_password():
|
||||||
|
"""
|
||||||
|
User forgot password
|
||||||
|
Input:
|
||||||
|
email
|
||||||
|
Output:
|
||||||
|
200 and a reset password email is sent to user
|
||||||
|
400 if email not exist
|
||||||
|
|
||||||
|
"""
|
||||||
|
data = request.get_json()
|
||||||
|
if not data:
|
||||||
|
return jsonify(error="request body cannot be empty"), 400
|
||||||
|
|
||||||
|
email = data.get("email")
|
||||||
|
|
||||||
|
user = User.get_by(email=email)
|
||||||
|
|
||||||
|
if not user:
|
||||||
|
return jsonify(error="Error"), 400
|
||||||
|
|
||||||
|
send_reset_password_email(user)
|
||||||
|
|
||||||
|
return jsonify(reset_sent=True)
|
||||||
|
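Review bot: The `if not user: return jsonify(error="Error"), 400` branch in forgot_password makes this unauthenticated, `@cross_origin()` endpoint answer differently for registered and unregistered addresses, so it can be used to confirm which emails have accounts; the README hunk and the "No such email" assertion in the test hunk both encode that 400 and would need updating with it. Returning the same 200 body in both cases and sending mail only when a user exists closes that difference, though a response-time gap may remain if send_reset_password_email (defined outside this hunk) sends synchronously. `data.get("email")` is also called without checking that the JSON body is an object or that the value is a string, so a JSON array body would likely raise AttributeError and surface as a 500. No rate limit is visible on the route in this hunk; if none is applied elsewhere, repeated requests could fill a user's mailbox with reset emails.

```python
    # … unchanged: request.get_json() and the empty-body check …
    email = data.get("email") if isinstance(data, dict) else None
    if not isinstance(email, str) or not email:
        return jsonify(error="email is required"), 400

    user = User.get_by(email=email)
    # Same response whether or not the address is registered.
    if user:
        send_reset_password_email(user)
    # … unchanged: return jsonify(reset_sent=True) …
```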
@ -200,3 +200,19 @@ def test_auth_reactivate_success(flask_client):
|
|||||||
assert act_code
|
assert act_code
|
||||||
assert len(act_code.code) == 6
|
assert len(act_code.code) == 6
|
||||||
assert act_code.tries == 3
|
assert act_code.tries == 3
|
||||||
|
|
||||||
|
|
||||||
|
def test_auth_login_forgot_password(flask_client):
|
||||||
|
User.create(email="a@b.c", password="password", name="Test User", activated=True)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
r = flask_client.post(url_for("api.forgot_password"), json={"email": "a@b.c"},)
|
||||||
|
|
||||||
|
assert r.status_code == 200
|
||||||
|
|
||||||
|
# No such email
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("api.forgot_password"), json={"email": "not-exist@b.c"},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 400
|
||||||
|
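Review bot: test_auth_login_forgot_password only asserts status codes for a known and an unknown address, so the handler's `request body cannot be empty` branch is never exercised and nothing checks that a reset email was actually triggered for `a@b.c`. A third case such as `r = flask_client.post(url_for("api.forgot_password"), json={})` followed by `assert r.status_code == 400` would cover the empty-body path. Asserting on the mail side effect depends on how send_reset_password_email is implemented, which is not visible here, so that part is left as a suggestion.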