Update main.py
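--- a/main.py
+++ b/main.py
@@ -258,6 +258,37 @@ async def get_protected(
 # Render a template response
 return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
 
+
+@app.post("/password-reset-request")
+async def password_reset_request(email: str, db: Session = Depends(get_db)):
+user = db.query(User).filter(User.email == email).first()
+if not user:
+raise HTTPException(status_code=404, detail="User not found")
+
+# Generate a verification token
+verification_token = generate_verification_token(email)
+
+# Send a verification email with a password reset link
+reset_link = f"https://gregniuki-loginauth.hf.space/reset-password?token={verification_token}"
+send_verification_email(email, reset_link)
+
+return {"message": "Password reset link sent if the email is registered with us."}
+
+@app.post("/reset-password")
+async def reset_password(token: str, new_password: str, db: Session = Depends(get_db)):
+user = get_user_by_verification_token(db, token)
+if not user:
+raise HTTPException(status_code=400, detail="Invalid or expired token")
+
+# Hash the new password
+hashed_password = auth_views.pwd_context.hash(new_password)
+
+# Update the user's password
+user.hashed_password = hashed_password
+user.email_verification_token = None # Clear the token
+db.commit()
+
+return {"message": "Password successfully reset."}
 #@app.get("/protected", response_class=HTMLResponse)
 #async def get_protected(request: Request, token: Optional[str] = None, db: Session = Depends(get_db)):
 # Try to get the token from the query parameter first, then fall back to the cookie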
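Review bot: `password_reset_request` answers 404 "User not found" for an unregistered address, so the endpoint reveals which e-mails have accounts and contradicts its own "sent if the email is registered" message; in the `if not user:` branch, return the same 200 body instead of raising, i.e. `return {"message": "Password reset link sent if the email is registered with us."}`. In `reset_password`, `token: str, new_password: str` are plain scalar parameters, which FastAPI reads from the query string, so the new password and the reset token end up in URLs and access logs; take them from the request body instead, e.g. `new_password: str = Form(...)` or a Pydantic model (the same applies to `email` in the first handler). The visible lines never store `verification_token` on the user before mailing it, while `reset_password` looks the user up by a stored token, so unless `generate_verification_token` persists it (not shown here) the link cannot match. Token expiry is also not visible in this hunk despite the "Invalid or expired token" message, so confirm that `get_user_by_verification_token` enforces a lifetime.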