From ae1a7438556c7c2c8d3885a70b934550821aa292 Mon Sep 17 00:00:00 2001 From: Sage Vaillancourt Date: Mon, 26 Sep 2022 08:52:42 -0400 Subject: [PATCH] Inform user if password-reset failed to send. Remove unused db code. --- undercover/db.py | 49 ++++---------------------------------------- undercover/email.py | 5 ++--- undercover/routes.py | 5 +++-- 3 files changed, 9 insertions(+), 50 deletions(-) diff --git a/undercover/db.py b/undercover/db.py index 75331a9..2aa9b64 100644 --- a/undercover/db.py +++ b/undercover/db.py @@ -30,25 +30,20 @@ class UserWithHash: host = os.environ.get('UNDERCOVER_POSTGRES_HOST') db_name = os.environ.get('UNDERCOVER_POSTGRES_DBNAME') port = os.environ.get('UNDERCOVER_POSTGRES_PORT') -user = os.environ.get('UNDERCOVER_POSTGRES_USER') +db_user = os.environ.get('UNDERCOVER_POSTGRES_USER') + +db_available = host and db_name and port and db_user and os.environ.get('UNDERCOVER_POSTGRES_PASSWORD') -db_available = host and db_name and port and user and os.environ.get('UNDERCOVER_POSTGRES_PASSWORD') def connect(): return psycopg.connect( host=host, dbname=db_name, port=port, - user=user, + user=db_user, password=os.environ.get('UNDERCOVER_POSTGRES_PASSWORD')) -def connected(action): - with connect() as con: - cur = con.cursor() - return action(cur, con) - - def login(user_email: str, password: str): pw_bytes: bytes = password.encode('utf-8') user = __get_user(user_email) @@ -79,13 +74,6 @@ def delete_user(username: str): con.commit() -def add_user_lambda(username: str, password: str): - def f(cur, con): - cur.execute("INSERT INTO users(email, password) VALUES (%s, %s)", (username, password)) - con.commit() - connected(f) - - def add_letter(user_id: int, letter_title: str, letter_content: str): with connect() as con: cur = con.cursor() @@ -131,13 +119,6 @@ def __get_user(email: str) -> Optional[UserWithHash]: return None -def get_users() -> [UserWithHash]: - with connect() as con: - cur = con.cursor() - cur.execute("SELECT id, email, password FROM users") - return map(lambda row: UserWithHash(row[0], row[1], row[2]), cur.fetchall()) - - def initiate_password_reset(email: str) -> Optional[UUID]: user = get_user(email) if not user: @@ -167,25 +148,3 @@ def complete_reset(reset_id: str, new_password: str): con.commit() return True return False - - -if __name__ == "__main__": - add_user("hash_man", "hashword") - print("Can pull correctly: " + str(login("hash_man", "hashword"))) - delete_user("hash_man") - # add_letter(1, "Dynamically-added", "This is a letter added from Python!") - # edit_letter(3, "Dynamically edited!", "This letter was dynamically edited from Python!") - - - # for letter in get_user_letters(1): - # print("\'" + letter.title + "\"" + ":") - # print(" id: " + str(letter.id)) - # print(" letter-data: " + letter.contents) - # print() - - # for user in get_users(): - # print(user.email + ":") - # print(" id: " + str(user.id)) - # print(" password: " + user.password_hash) - # print() - diff --git a/undercover/email.py b/undercover/email.py index 0c4e328..3ceb473 100644 --- a/undercover/email.py +++ b/undercover/email.py @@ -28,10 +28,9 @@ def send_password_reset(to_email: str, reset_link: str): } ] } - + result = mailjet.send.create(data=data) - print(result.status_code) - print(result.json()) + return 200 <= result.status_code <= 299 if __name__ == "__main__": diff --git a/undercover/routes.py b/undercover/routes.py index 72bd057..10fcaae 100644 --- a/undercover/routes.py +++ b/undercover/routes.py @@ -161,9 +161,10 @@ def reset_password(): if email_address: reset_id = db.initiate_password_reset(email_address) if reset_id: - email.send_password_reset(email_address, 'https://undercover.cafe/reset?id=' + str(reset_id)) - # TODO: Eventually remove db entry whether or not link is clicked + if not email.send_password_reset(email_address, 'https://undercover.cafe/reset?id=' + str(reset_id)): + return render_index(error="Failed to send reset email. Please try again later.", status=500) elif existing_reset_id: + # TODO: Eventually remove db entry whether or not link is clicked new_password = request.form['password'] db.complete_reset(existing_reset_id, new_password) # TODO: Log in?