From 6e2f3cb2c2f4f565c7cf783db7b474246da32e86 Mon Sep 17 00:00:00 2001
From: Emmanuel Viennet
Date: Fri, 17 Jan 2025 15:52:21 +0100
Subject: [PATCH] User: augmente timeout token reset password.
---
 app/auth/models.py | 14 ++++++++++----
 app/auth/routes.py | 3 ++-
 app/views/users.py | 3 +++
 sco_version.py | 2 +-
 4 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/app/auth/models.py b/app/auth/models.py
index 1fd96ff9f..1022e90b8 100644
--- a/app/auth/models.py
+++ b/app/auth/models.py
@@ -258,13 +258,16 @@ class User(UserMixin, ScoDocModel):
 return True
 return False
- def get_reset_password_token(self, expires_in=600):
- "Un token pour réinitialiser son mot de passe"
- return jwt.encode(
+ def get_reset_password_token(self, expires_in=24 * 60 * 60):
+ """Un token pour réinitialiser son mot de passe.
+ Par défaut valide durant 24 heures.
+ """
+ token = jwt.encode(
 {"reset_password": self.id, "exp": time() + expires_in},
 current_app.config["SECRET_KEY"],
 algorithm="HS256",
 )
+ return token
 @staticmethod
 def verify_reset_password_token(token):
@@ -275,7 +278,10 @@ class User(UserMixin, ScoDocModel):
 )
 except jwt.exceptions.ExpiredSignatureError:
 log("verify_reset_password_token: token expired")
- except: # pylint: disable=bare-except
+ return None
+ except Exception as exc: # pylint: disable=bare-except
+ log("verify_reset_password_token: checking token '{token}'")
+ log(f"verify_reset_password_token: {exc}")
 return None
 try:
 user_id = token["reset_password"]
diff --git a/app/auth/routes.py b/app/auth/routes.py
index e8283c1a4..6adb9a1e8 100644
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -9,7 +9,7 @@ from flask import redirect, url_for, request
 from flask_login import login_user, current_user
 from sqlalchemy import func
-from app import db
+from app import db, log
 from app.auth import bp, cas, logic
 from app.auth.forms import (
 CASUsersImportConfigForm,
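Review bot: The payload built in get_reset_password_token carries only the user id and an expiry, so nothing ties the token to the account's current password state; with the default now raised from 600 seconds to 24 hours, a token that has already been used (or has leaked from a mailbox or a log) stays accepted for the rest of that window as far as the visible verify_reset_password_token logic shows, since it only decodes and reads `reset_password`. A common mitigation is to include in the payload a value that changes when the password is set (for instance a short prefix of the stored password hash) and compare it on verify, which makes each token effectively single-use; the docstring should in any case state that the token is not invalidated by use. Separately, the new `token = jwt.encode(...)` followed by `return token` is a pointless intermediate; `return jwt.encode(` as before reads more directly. The same remark about the verify side applies to the next hunk in this file.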
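Review bot: In the second hunk of app/auth/models.py, `log("verify_reset_password_token: checking token '{token}'")` has no `f` prefix, so it logs the literal text `{token}` rather than the value; the better fix is not to interpolate the token at all, because a reset token that is still within its validity window is a credential and should not be written to the application log. The `# pylint: disable=bare-except` comment is also stale now that the handler is `except Exception as exc`. Suggested replacement for the three added lines: `except Exception as exc:  # pylint: disable=broad-except` / `log(f"verify_reset_password_token: invalid token: {exc}")` / `return None`. The enclosing try and the rest of verify_reset_password_token lie outside the hunk.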
@@ -168,6 +168,7 @@ def reset_password(token):
 return redirect(url_for("scodoc.index"))
 user: User = User.verify_reset_password_token(token)
 if user is None:
+ log("reset_password: can't retreive user")
 return redirect(url_for("scodoc.index"))
 form = ResetPasswordForm()
 if form.validate_on_submit():
diff --git a/app/views/users.py b/app/views/users.py
index c55250311..5659d5c4c 100644
--- a/app/views/users.py
+++ b/app/views/users.py
@@ -308,6 +308,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
 "allow_null": False,
 "readonly": edit_only_roles,
 "strip": True,
+ "attributes": ['autocomplete="off"'],
 },
 ),
 (
@@ -318,6 +319,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
 "allow_null": False,
 "readonly": edit_only_roles,
 "strip": True,
+ "attributes": ['autocomplete="off"'],
 },
 ),
 ]
@@ -355,6 +357,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
 "explanation": """nom utilisé pour la connexion. Doit être unique parmi tous les utilisateurs. Lettres ou chiffres uniquement.""",
+ "attributes": ['autocomplete="off"'],
 },
 ),
 ("formsemestre_id", {"input_type": "hidden"}),
diff --git a/sco_version.py b/sco_version.py
index 4b1296bda..b2ad92710 100644
--- a/sco_version.py
+++ b/sco_version.py
@@ -3,7 +3,7 @@
 "Infos sur version ScoDoc"
-SCOVERSION = "9.7.54"
+SCOVERSION = "9.7.55"
 SCONAME = "ScoDoc"
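Review bot: The new log line in reset_password misspells "retrieve": `log("reset_password: can't retrieve user")`. Since verify_reset_password_token already logs why the token was rejected, this line mostly adds the fact that a reset was attempted with a bad token; it would be more useful for spotting repeated failed attempts if it carried the request context, e.g. `request.remote_addr` (`request` is already imported in this module), while still not echoing the token itself. reset_password begins outside the hunk.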
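Review bot: The `"attributes": ['autocomplete="off"']` entries added in the three app/views/users.py hunks (lines 308, 318 and 355) are advisory only; current browsers largely ignore `autocomplete="off"` on login-style fields, so the intended effect may not materialize. For password inputs the value browsers do honor to suppress autofill is `autocomplete="new-password"`; the fields at 308 and 318 are not named in the hunks, so check which inputs they are, while the one at 355 is the login name field per its explanation text, where `off` is also commonly ignored. create_user_form begins and ends outside these hunks.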