Reset password: mail case insensitive

This commit is contained in:
Emmanuel Viennet 2022-09-14 22:47:31 +02:00
parent 1d4b328a8e
commit 9a6d5761ee
2 changed files with 7 additions and 6 deletions

View File

@ -6,6 +6,7 @@ auth.routes.py
from flask import current_app, flash, render_template from flask import current_app, flash, render_template
from flask import redirect, url_for, request from flask import redirect, url_for, request
from flask_login import login_user, logout_user, current_user from flask_login import login_user, logout_user, current_user
from sqlalchemy import func
from app import db from app import db
from app.auth import bp from app.auth import bp
@ -79,18 +80,18 @@ def reset_password_request():
return redirect(url_for("scodoc.index")) return redirect(url_for("scodoc.index"))
form = ResetPasswordRequestForm() form = ResetPasswordRequestForm()
if form.validate_on_submit(): if form.validate_on_submit():
users = User.query.filter_by(email=form.email.data).all() users = User.query.filter(
func.lower(User.email) == func.lower(form.email.data)
).all()
if len(users) == 1: if len(users) == 1:
send_password_reset_email(users[0]) send_password_reset_email(users[0])
elif len(users) > 1: elif len(users) > 1:
current_app.logger.info( current_app.logger.info(
"reset_password_request: multiple users with email '{}' (ignoring)".format( f"reset_password_request: multiple users with email '{form.email.data}' (ignoring)"
form.email.data
)
) )
else: else:
current_app.logger.info( current_app.logger.info(
"reset_password_request: for unkown user '{}'".format(form.email.data) f"reset_password_request: for unkown user '{form.email.data}'"
) )
flash( flash(
_("Voir les instructions envoyées par mail (pensez à regarder vos spams)") _("Voir les instructions envoyées par mail (pensez à regarder vos spams)")

View File

@ -197,7 +197,7 @@ class BaseArchiver(object):
"""returns archive id (check that name is valid)""" """returns archive id (check that name is valid)"""
self.initialize() self.initialize()
if not self.is_valid_archive_name(archive_name): if not self.is_valid_archive_name(archive_name):
raise ValueError("invalid archive name") raise ScoValueError(f"Archive {archive_name} introuvable")
archive_id = os.path.join(self.get_obj_dir(oid), archive_name) archive_id = os.path.join(self.get_obj_dir(oid), archive_name)
if not os.path.isdir(archive_id): if not os.path.isdir(archive_id):
log( log(