User: augmente timeout token reset password.

2025-01-17 15:52:21 +01:00 · 2025-01-17 15:52:21 +01:00 · 6e2f3cb2c2
commit 6e2f3cb2c2
parent c4d45ae358
4 changed files with 16 additions and 6 deletions
--- a/app/auth/models.py
+++ b/app/auth/models.py
@ -258,13 +258,16 @@ class User(UserMixin, ScoDocModel):
            return True
        return False

-    def get_reset_password_token(self, expires_in=600):
-        "Un token pour réinitialiser son mot de passe"
-        return jwt.encode(
+    def get_reset_password_token(self, expires_in=24 * 60 * 60):
+        """Un token pour réinitialiser son mot de passe.
+        Par défaut valide durant 24 heures.
+        """
+        token = jwt.encode(
            {"reset_password": self.id, "exp": time() + expires_in},
            current_app.config["SECRET_KEY"],
            algorithm="HS256",
        )
+        return token

    @staticmethod
    def verify_reset_password_token(token):
@ -275,7 +278,10 @@ class User(UserMixin, ScoDocModel):
            )
        except jwt.exceptions.ExpiredSignatureError:
            log("verify_reset_password_token: token expired")
-        except:  # pylint: disable=bare-except
+            return None
+        except Exception as exc:  # pylint: disable=bare-except
+            log("verify_reset_password_token: checking token '{token}'")
+            log(f"verify_reset_password_token: {exc}")
            return None
        try:
            user_id = token["reset_password"]
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@ -9,7 +9,7 @@ from flask import redirect, url_for, request
 from flask_login import login_user, current_user
 from sqlalchemy import func

-from app import db
+from app import db, log
 from app.auth import bp, cas, logic
 from app.auth.forms import (
    CASUsersImportConfigForm,
@ -168,6 +168,7 @@ def reset_password(token):
        return redirect(url_for("scodoc.index"))
    user: User = User.verify_reset_password_token(token)
    if user is None:
+        log("reset_password: can't retreive user")
        return redirect(url_for("scodoc.index"))
    form = ResetPasswordForm()
    if form.validate_on_submit():
--- a/app/views/users.py
+++ b/app/views/users.py
@ -308,6 +308,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
                "allow_null": False,
                "readonly": edit_only_roles,
                "strip": True,
+                "attributes": ['autocomplete="off"'],
            },
        ),
        (
@ -318,6 +319,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
                "allow_null": False,
                "readonly": edit_only_roles,
                "strip": True,
+                "attributes": ['autocomplete="off"'],
            },
        ),
    ]
@ -355,6 +357,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
                    "explanation": """nom utilisé pour la connexion.
                        Doit être unique parmi tous les utilisateurs.
                        Lettres ou chiffres uniquement.""",
+                    "attributes": ['autocomplete="off"'],
                },
            ),
            ("formsemestre_id", {"input_type": "hidden"}),
--- a/sco_version.py
+++ b/sco_version.py
@ -3,7 +3,7 @@

 "Infos sur version ScoDoc"

-SCOVERSION = "9.7.54"
+SCOVERSION = "9.7.55"

 SCONAME = "ScoDoc"