User: augmente timeout token reset password.

This commit is contained in:
Emmanuel Viennet 2025-01-17 15:52:21 +01:00
parent c4d45ae358
commit 6e2f3cb2c2
4 changed files with 16 additions and 6 deletions


@ -258,13 +258,16 @@ class User(UserMixin, ScoDocModel):
return True return True
return False return False
def get_reset_password_token(self, expires_in=600): def get_reset_password_token(self, expires_in=24 * 60 * 60):
"Un token pour réinitialiser son mot de passe" """Un token pour réinitialiser son mot de passe.
return jwt.encode( Par défaut valide durant 24 heures.
"""
token = jwt.encode(
{"reset_password": self.id, "exp": time() + expires_in}, {"reset_password": self.id, "exp": time() + expires_in},
current_app.config["SECRET_KEY"], current_app.config["SECRET_KEY"],
algorithm="HS256", algorithm="HS256",
) )
return token
@staticmethod @staticmethod
def verify_reset_password_token(token): def verify_reset_password_token(token):
@ -275,7 +278,10 @@ class User(UserMixin, ScoDocModel):
) )
except jwt.exceptions.ExpiredSignatureError: except jwt.exceptions.ExpiredSignatureError:
log("verify_reset_password_token: token expired") log("verify_reset_password_token: token expired")
except: # pylint: disable=bare-except return None
except Exception as exc: # pylint: disable=bare-except
log("verify_reset_password_token: checking token '{token}'")
log(f"verify_reset_password_token: {exc}")
return None return None
try: try:
user_id = token["reset_password"] user_id = token["reset_password"]
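Review bot: The payload on the new `token = jwt.encode(...)` line still carries only `reset_password` (the user id) and `exp`, so nothing in the token changes when the password is actually reset; with the lifetime raised from 600 s to 24 h, a reset link that has already been used, or that leaked from a mailbox or a log, stays accepted by `verify_reset_password_token` for up to a day and can reset the password again. Adding a value derived from the current password hash (for instance a truncated SHA-256 of whatever column stores it) to the payload and comparing it in the verifier after the user lookup — which continues past the end of this hunk — would make each token effectively single-use without server-side state. Separately, `log("verify_reset_password_token: checking token '{token}'")` lacks the `f` prefix and therefore logs the literal text `{token}`; rather than adding the prefix, which would write a credential-equivalent value into the log, drop that line and keep only the `exc` message. The `# pylint: disable=bare-except` on the `except Exception as exc:` line no longer matches the code and should read `# pylint: disable=broad-except`.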


@ -9,7 +9,7 @@ from flask import redirect, url_for, request
from flask_login import login_user, current_user from flask_login import login_user, current_user
from sqlalchemy import func from sqlalchemy import func
from app import db from app import db, log
from app.auth import bp, cas, logic from app.auth import bp, cas, logic
from app.auth.forms import ( from app.auth.forms import (
CASUsersImportConfigForm, CASUsersImportConfigForm,
@ -168,6 +168,7 @@ def reset_password(token):
return redirect(url_for("scodoc.index")) return redirect(url_for("scodoc.index"))
user: User = User.verify_reset_password_token(token) user: User = User.verify_reset_password_token(token)
if user is None: if user is None:
log("reset_password: can't retreive user")
return redirect(url_for("scodoc.index")) return redirect(url_for("scodoc.index"))
form = ResetPasswordForm() form = ResetPasswordForm()
if form.validate_on_submit(): if form.validate_on_submit():
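Review bot: The added log line misspells "retrieve"; since `verify_reset_password_token` already logs why a token was rejected, this message mainly serves to correlate the request, so it should at least read `log("reset_password: can't retrieve user")`. The enclosing `reset_password` view starts before this hunk and its form handling continues after it, so whether rejected tokens are otherwise throttled cannot be judged from here.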


@ -308,6 +308,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
"allow_null": False, "allow_null": False,
"readonly": edit_only_roles, "readonly": edit_only_roles,
"strip": True, "strip": True,
"attributes": ['autocomplete="off"'],
}, },
), ),
( (
@ -318,6 +319,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
"allow_null": False, "allow_null": False,
"readonly": edit_only_roles, "readonly": edit_only_roles,
"strip": True, "strip": True,
"attributes": ['autocomplete="off"'],
}, },
), ),
] ]
@ -355,6 +357,7 @@ def create_user_form(user_name=None, edit=0, all_roles=True):
"explanation": """nom utilisé pour la connexion. "explanation": """nom utilisé pour la connexion.
Doit être unique parmi tous les utilisateurs. Doit être unique parmi tous les utilisateurs.
Lettres ou chiffres uniquement.""", Lettres ou chiffres uniquement.""",
"attributes": ['autocomplete="off"'],
}, },
), ),
("formsemestre_id", {"input_type": "hidden"}), ("formsemestre_id", {"input_type": "hidden"}),
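Review bot: `autocomplete="off"` is no longer honoured by current Chrome, Firefox or Safari on login and password inputs, so if the two fields extended in the first two hunks are the password and confirmation fields (their names are outside the hunks), the attribute will not stop the browser from offering or saving the administrator's own credentials in them. The value browsers do respect for a password being set on behalf of someone else is `'autocomplete="new-password"'`, which is the line I would change in both places. For the login-name field in the last hunk there is no standard opt-out, so a short comment such as `# best-effort only: browsers may still autofill this field` would keep the next reader from relying on it.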


@ -3,7 +3,7 @@
"Infos sur version ScoDoc" "Infos sur version ScoDoc"
SCOVERSION = "9.7.54" SCOVERSION = "9.7.55"
SCONAME = "ScoDoc" SCONAME = "ScoDoc"