diff options
| author | 0livd <github@destras.fr> | 2017-10-26 19:46:34 +0200 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-10-26 19:46:34 +0200 |
| commit | b94bad829c1fd4b4325a4af280d33d50f164e05f (patch) | |
| tree | e1d090759cdd248f1511bd349d7ff26b180e1529 /ihatemoney/templates | |
| parent | b4961f646a6e265451aa414df9fb0d58b552ffdf (diff) | |
| download | ihatemoney-mirror-b94bad829c1fd4b4325a4af280d33d50f164e05f.zip ihatemoney-mirror-b94bad829c1fd4b4325a4af280d33d50f164e05f.tar.gz ihatemoney-mirror-b94bad829c1fd4b4325a4af280d33d50f164e05f.tar.bz2 | |
Use token based auth to reset passwords (#269)
Send a mail containing a password reset
token link instead of sending a clear text
password.
Ref #232
Diffstat (limited to 'ihatemoney/templates')
| -rw-r--r-- | ihatemoney/templates/forms.html | 10 | ||||
| -rw-r--r-- | ihatemoney/templates/password_reminder.en | 6 | ||||
| -rw-r--r-- | ihatemoney/templates/password_reminder.fr | 6 | ||||
| -rw-r--r-- | ihatemoney/templates/reminder_mail.en | 2 | ||||
| -rw-r--r-- | ihatemoney/templates/reminder_mail.fr | 2 | ||||
| -rw-r--r-- | ihatemoney/templates/reset_password.html | 12 |
6 files changed, 29 insertions, 9 deletions
diff --git a/ihatemoney/templates/forms.html b/ihatemoney/templates/forms.html index ffdd165..63d1c3c 100644 --- a/ihatemoney/templates/forms.html +++ b/ihatemoney/templates/forms.html @@ -159,10 +159,18 @@ {% endmacro %} {% macro remind_password(form) %} - {% include "display_errors.html" %} {{ form.hidden_tag() }} {{ input(form.id) }} {{ submit(form.submit) }} {% endmacro %} + +{% macro reset_password(form) %} + {% include "display_errors.html" %} + {{ form.hidden_tag() }} + {{ input(form.password) }} + {{ input(form.password_confirmation) }} + {{ submit(form.submit) }} + +{% endmacro %} diff --git a/ihatemoney/templates/password_reminder.en b/ihatemoney/templates/password_reminder.en index 31210aa..bc7e609 100644 --- a/ihatemoney/templates/password_reminder.en +++ b/ihatemoney/templates/password_reminder.en @@ -1,8 +1,8 @@ Hi, -You requested to be reminded about your password for "{{ project.name }}". - -You can access it here: {{ config['SITE_URL'] }}{{ url_for(".list_bills", project_id=project.id) }}, the private code is "{{ project.password }}". +You requested to reset the password of the following project: "{{ project.name }}". +You can reset it here: {{ url_for(".reset_password", _external=True, token=project.generate_token(expiration=3600)) }}. +This link is only valid for 1 hour. Hope this helps, Some weird guys (with beards) diff --git a/ihatemoney/templates/password_reminder.fr b/ihatemoney/templates/password_reminder.fr index 58f04e3..d4fbc2d 100644 --- a/ihatemoney/templates/password_reminder.fr +++ b/ihatemoney/templates/password_reminder.fr @@ -1,7 +1,7 @@ Salut, -Vous avez demandez des informations sur votre mot de passe pour "{{ project.name }}". - -Vous pouvez y accéder ici {{ config['SITE_URL'] }}{{ url_for(".list_bills", project_id=project.id) }}, le code d'accès est "{{ project.password }}". +Vous avez demandé à réinitialiser le mot de passe du projet suivant : "{{ project.name }}". +Vous pouvez le réinitialiser ici : {{ url_for(".reset_password", _external=True, token=project.generate_token(expiration=3600)) }}. +Ce lien est seulement valide pendant 1 heure. Faites en bon usage ! diff --git a/ihatemoney/templates/reminder_mail.en b/ihatemoney/templates/reminder_mail.en index fe57be2..f13da5d 100644 --- a/ihatemoney/templates/reminder_mail.en +++ b/ihatemoney/templates/reminder_mail.en @@ -2,7 +2,7 @@ Hi, You have just (or someone else using your email address) created the project "{{ g.project.name }}" to share your expenses. -You can access it here: {{ config['SITE_URL'] }}{{ url_for(".list_bills") }} (the identifier is {{ g.project.id }}), +You can access it here: {{ url_for(".list_bills", _external=True) }} (the identifier is {{ g.project.id }}), and the private code is "{{ g.project.password }}". Enjoy, diff --git a/ihatemoney/templates/reminder_mail.fr b/ihatemoney/templates/reminder_mail.fr index 8130218..86c00ff 100644 --- a/ihatemoney/templates/reminder_mail.fr +++ b/ihatemoney/templates/reminder_mail.fr @@ -2,7 +2,7 @@ Hey, Vous venez de créer le projet "{{ g.project.name }}" pour partager vos dépenses. -Vous pouvez y accéder ici: {{ config['SITE_URL'] }}{{ url_for(".list_bills") }} (l'identifieur est {{ g.project.id }}), +Vous pouvez y accéder ici: {{ url_for(".list_bills", _external=True) }} (l'identifieur est {{ g.project.id }}), et le code d'accès "{{ g.project.password }}". Faites en bon usage ! diff --git a/ihatemoney/templates/reset_password.html b/ihatemoney/templates/reset_password.html new file mode 100644 index 0000000..78b5853 --- /dev/null +++ b/ihatemoney/templates/reset_password.html @@ -0,0 +1,12 @@ +{% extends "layout.html" %} + +{% block content %} +{% if error %} +<div class="alert alert-danger">{{ error }}</div> +{% else %} +<h2>{{ _("Reset your password") }}</h2> +<form class="form-horizontal" method="post"> +{{ forms.reset_password(form) }} +</form> +{% endif %} +{% endblock %} |