agenda/backend-collector
1
0
Fork 0
Code Issues Pull Requests Projects Releases 53 Wiki Activity

feature/passwordForgot #49

Merged
v4l3n71n merged 3 commits from feature/passwordForgot into master 2025-02-14 20:06:45 +00:00
Conversation 0 Commits 3 Files Changed 6 +182 -13
3 changed files with 182 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 672eeea110 - Show all commits

39
app/routers/password.py
View File

@ -3,8 +3,9 @@ from fastapi.templating import Jinja2Templates
from ..dependencies import users_token, database, mail from ..dependencies import users_token, database, mail
from ..models import users, email from ..models import users, email
from fastapi.responses import JSONResponse, HTMLResponse from fastapi.responses import JSONResponse, HTMLResponse
from fastapi_mail import MessageSchema, MessageType, FastMail from fastapi_mail import MessageSchema, MessageType, FastMail
import random, os import random, os
router = APIRouter() router = APIRouter()
# Assurer que le chemin vers "templates" est correct # Assurer que le chemin vers "templates" est correct
@ -19,6 +20,7 @@ async def forgot_password(userSingle: users.UserForgotPassword):
detail="Email is required" detail="Email is required"
) )
# Recherche de l'utilisateur dans la base de données
user_repository = users.UserRepository(database=database.database) user_repository = users.UserRepository(database=database.database)
user = user_repository.find_one_by({"email": {"$eq": userSingle.email}}) user = user_repository.find_one_by({"email": {"$eq": userSingle.email}})
@ -28,35 +30,45 @@ async def forgot_password(userSingle: users.UserForgotPassword):
detail="User not found" detail="User not found"
) )
# Génération d'un token temporaire # Génération d'un token temporaire pour réinitialisation
reset_token = str(random.randint(100000, 999999)) reset_token = str(random.randint(100000, 999999))
key_hashed = users_token.get_password_hash(reset_token) key_hashed = users_token.get_password_hash(reset_token)
email_body = {"key": reset_token, "username": user.username} # Créer le lien de réinitialisation
email_schema = email.EmailSchema(email=[user.email], body=email_body) reset_link = f"https://votresite.com/password/reset?key={reset_token}&email={user.email}"
# Préparer les données à envoyer au template
email_body = {
"username": user.username,
"reset_link": reset_link
}
# Créer le message à envoyer
message = MessageSchema( message = MessageSchema(
subject="Password Reset Request", subject="Password Reset Request",
recipients=email_schema.dict().get("email"), recipients=[user.email],
template_body=email_schema.dict().get("body"), template_body=email_body,
subtype=MessageType.html, subtype=MessageType.html,
) )
# Utilisation de FastMail pour envoyer l'email
fm = FastMail(mail.conf) fm = FastMail(mail.conf)
await fm.send_message(message, template_name="reset_password.html") await fm.send_message(message, template_name="forgot_password_email.html")
# Stockage du token temporaire dans Redis avec une expiration # Stockage du token temporaire dans Redis avec une expiration d'1 heure
database.connect_redis.setex(user.email, 3600, key_hashed) # Expire dans 1 heure database.connect_redis.setex(user.email, 3600, key_hashed)
return JSONResponse(status_code=status.HTTP_200_OK, content={"message": "Password reset email has been sent"}) return JSONResponse(status_code=status.HTTP_200_OK, content={"message": "Password reset email has been sent"})
@router.get("/password/reset", tags=["password"]) @router.get("/password/reset", tags=["password"])
async def reset_password(request: Request, key: str | None = None, email: str | None = None): async def reset_password(request: Request, key: str | None = None, email: str | None = None):
if key is None or email is None: if not key or not email:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail="Parameter key or/and email is empty" detail="Parameters 'key' and 'email' are required"
) )
# Vérifier que la clé correspond à celle stockée dans Redis
key_hashed = database.connect_redis.get(email) key_hashed = database.connect_redis.get(email)
if key_hashed is None or key_hashed.decode() != key: if key_hashed is None or key_hashed.decode() != key:
@ -65,6 +77,7 @@ async def reset_password(request: Request, key: str | None = None, email: str |
detail="Key is invalid or expired" detail="Key is invalid or expired"
) )
# Afficher la page HTML de réinitialisation du mot de passe
return templates.TemplateResponse("reset_password.html", {"request": request, "email": email, "key": key}) return templates.TemplateResponse("reset_password.html", {"request": request, "email": email, "key": key})
@router.post("/password/update", tags=["password"]) @router.post("/password/update", tags=["password"])
@ -95,5 +108,5 @@ async def update_password(email: str = Form(...), key: str = Form(...), new_pass
# Suppression du token temporaire dans Redis # Suppression du token temporaire dans Redis
database.connect_redis.delete(email) database.connect_redis.delete(email)
# Renvoyer une réponse HTML après la mise à jour réussie # Afficher un message de succès dans une réponse HTML
return templates.TemplateResponse("password_update_success.html", {"request": request, "email": email}) return templates.TemplateResponse("password_update_success.html", {"request": request, "email": email})

69
app/templates/forgot_password_email.html Normal file
View File

@ -0,0 +1,69 @@
<!-- forgot_password_email.html -->
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Réinitialisation de votre mot de passe</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f4f4f9;
color: #333;
margin: 0;
padding: 0;
}
.container {
width: 100%;
max-width: 600px;
margin: 50px auto;
padding: 20px;
background-color: white;
box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
border-radius: 8px;
}
h1 {
color: #4CAF50;
text-align: center;
}
p {
font-size: 16px;
line-height: 1.5;
text-align: center;
}
.cta-button {
display: inline-block;
background-color: #4CAF50;
color: white;
padding: 10px 20px;
text-decoration: none;
border-radius: 4px;
font-weight: bold;
text-align: center;
}
.cta-button:hover {
background-color: #45a049;
}
.footer {
margin-top: 20px;
font-size: 14px;
color: #888;
text-align: center;
}
</style>
</head>
<body>
<div class="container">
<h1>Demande de réinitialisation du mot de passe</h1>
<p>Bonjour {{ username }},</p>
<p>Nous avons reçu une demande pour réinitialiser votre mot de passe sur notre site. Si vous n'êtes pas à l'origine de cette demande, vous pouvez ignorer cet email.</p>
<p>Pour réinitialiser votre mot de passe, cliquez sur le lien ci-dessous :</p>
<p><a href="{{ reset_link }}" class="cta-button">Réinitialiser mon mot de passe</a></p>
<p>Le lien est valable pendant une heure. Si vous ne pouvez pas cliquer dessus, copiez et collez-le dans votre navigateur.</p>
</div>
<div class="footer">
<p>&copy; Covas - Tous droits réservés.</p>
</div>
</body>
</html>

87
app/templates/reset_password.html Normal file
View File

@ -0,0 +1,87 @@
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Réinitialisation du mot de passe</title>
<style>
body {
font-family: Arial, sans-serif;
margin: 0;
padding: 0;
background-color: #f4f7fc;
color: #333;
}
.container {
width: 100%;
max-width: 600px;
margin: 50px auto;
padding: 20px;
background-color: #ffffff;
border-radius: 8px;
box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
}
h2 {
text-align: center;
color: #2a9d8f;
}
.form-group {
margin-bottom: 20px;
}
label {
font-weight: bold;
display: block;
margin-bottom: 5px;
}
input[type="password"], input[type="email"] {
width: 100%;
padding: 10px;
margin: 5px 0 10px 0;
border: 1px solid #ddd;
border-radius: 4px;
}
input[type="submit"] {
background-color: #2a9d8f;
color: white;
border: none;
padding: 10px 20px;
font-size: 16px;
cursor: pointer;
border-radius: 4px;
width: 100%;
}
input[type="submit"]:hover {
background-color: #1e7c68;
}
.message {
text-align: center;
margin-top: 20px;
}
.message a {
color: #2a9d8f;
text-decoration: none;
}
</style>
</head>
<body>
<div class="container">
<h2>Réinitialisation du mot de passe</h2>
<form method="post" action="/password/update">
<input type="hidden" name="email" value="{{ email }}">
<input type="hidden" name="key" value="{{ key }}">
<div class="form-group">
<label for="new_password">Nouveau mot de passe :</label>
<input type="password" id="new_password" name="new_password" required>
</div>
<input type="submit" value="Mettre à jour le mot de passe">
</form>
<div class="message">
<p>Vous avez des questions ? <a href="mailto:support@votresite.com">Contactez-nous</a></p>
</div>
</div>
</body>
</html>