agenda/backend-collector
1
0
Fork 0
Code Issues Pull Requests Projects Releases 53 Wiki Activity

feature/passwordForgot #49

Merged
v4l3n71n merged 3 commits from feature/passwordForgot into master 2025-02-14 20:06:45 +00:00
Conversation 0 Commits 3 Files Changed 6 +168 -1
4 changed files with 168 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 6f69dde171 - Show all commits

2
app/main.py
View File

@ -30,7 +30,7 @@ app.include_router(token.router)
app.include_router(mail.router) app.include_router(mail.router)
app.include_router(events.router) app.include_router(events.router)
app.include_router(tags.router) app.include_router(tags.router)
app.include_router(password.router)
@app.on_event("startup") @app.on_event("startup")
async def startup_event(): async def startup_event():

3
app/models/users.py
View File

@ -46,6 +46,9 @@ class UserCreate(BaseModel):
firstName: str firstName: str
name: str name: str
class UserForgotPassword(BaseModel):
email: EmailStr
class UserInDB(User): class UserInDB(User):
password: str password: str

99
app/routers/password.py Normal file
View File

@ -0,0 +1,99 @@
from fastapi import APIRouter, HTTPException, status, Request, Form
from fastapi.templating import Jinja2Templates
from ..dependencies import users_token, database, mail
from ..models import users, email
from fastapi.responses import JSONResponse, HTMLResponse
from fastapi_mail import MessageSchema, MessageType, FastMail
import random, os
router = APIRouter()
# Assurer que le chemin vers "templates" est correct
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
templates = Jinja2Templates(directory=os.path.join(BASE_DIR, "templates"))
@router.post("/password/forgot", tags=["password"])
async def forgot_password(userSingle: users.UserForgotPassword):
if not userSingle.email:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Email is required"
)
user_repository = users.UserRepository(database=database.database)
user = user_repository.find_one_by({"email": {"$eq": userSingle.email}})
if user is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="User not found"
)
# Génération d'un token temporaire
reset_token = str(random.randint(100000, 999999))
key_hashed = users_token.get_password_hash(reset_token)
email_body = {"key": reset_token, "username": user.username}
email_schema = email.EmailSchema(email=[user.email], body=email_body)
message = MessageSchema(
subject="Password Reset Request",
recipients=email_schema.dict().get("email"),
template_body=email_schema.dict().get("body"),
subtype=MessageType.html,
)
fm = FastMail(mail.conf)
await fm.send_message(message, template_name="reset_password.html")
# Stockage du token temporaire dans Redis avec une expiration
database.connect_redis.setex(user.email, 3600, key_hashed) # Expire dans 1 heure
return JSONResponse(status_code=status.HTTP_200_OK, content={"message": "Password reset email has been sent"})
@router.get("/password/reset", tags=["password"])
async def reset_password(request: Request, key: str | None = None, email: str | None = None):
if key is None or email is None:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Parameter key or/and email is empty"
)
key_hashed = database.connect_redis.get(email)
if key_hashed is None or key_hashed.decode() != key:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Key is invalid or expired"
)
return templates.TemplateResponse("reset_password.html", {"request": request, "email": email, "key": key})
@router.post("/password/update", tags=["password"])
async def update_password(email: str = Form(...), key: str = Form(...), new_password: str = Form(...), request: Request):
# Vérification du token dans Redis
key_hashed = database.connect_redis.get(email)
if key_hashed is None or key_hashed.decode() != key:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Key is invalid or expired"
)
# Recherche de l'utilisateur dans la base de données
user_repository = users.UserRepository(database=database.database)
user = user_repository.find_one_by({"email": {"$eq": email}})
if user is None:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail="User not found"
)
# Mise à jour du mot de passe de l'utilisateur
user.password = users_token.get_password_hash(new_password)
user_repository.save(user)
# Suppression du token temporaire dans Redis
database.connect_redis.delete(email)
# Renvoyer une réponse HTML après la mise à jour réussie
return templates.TemplateResponse("password_update_success.html", {"request": request, "email": email})

65
app/templates/password_update_success.html Normal file
View File

@ -0,0 +1,65 @@
<!-- password_update_success.html -->
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Mot de Passe Mis à Jour</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f4f4f9;
color: #333;
margin: 0;
padding: 0;
}
.container {
width: 100%;
max-width: 600px;
margin: 50px auto;
padding: 20px;
background-color: white;
box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
border-radius: 8px;
}
h1 {
color: #4CAF50;
text-align: center;
}
p {
font-size: 16px;
line-height: 1.5;
text-align: center;
}
.cta-button {
display: inline-block;
background-color: #4CAF50;
color: white;
padding: 10px 20px;
text-decoration: none;
border-radius: 4px;
font-weight: bold;
text-align: center;
}
.cta-button:hover {
background-color: #45a049;
}
.footer {
margin-top: 20px;
font-size: 14px;
color: #888;
text-align: center;
}
</style>
</head>
<body>
<div class="container">
<h1>Votre mot de passe a été mis à jour avec succès</h1>
<p>Votre mot de passe a été réinitialisé avec succès. Vous pouvez maintenant utiliser votre nouveau mot de passe pour vous connecter.</p>
</div>
<div class="footer">
<p>&copy; {{ current_year }} Covas - Tous droits réservés.</p>
</div>
</body>
</html>