Gregniuki commited on
Commit
0158681
·
1 Parent(s): 1031bbb

Update main.py

Files changed (1) hide show
  1. main.py +31 -0
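--- a/main.py
+++ b/main.py
@@ -258,6 +258,37 @@ async def get_protected(
  # Render a template response
  return templates.TemplateResponse("protected.html", {"request": request, "user": db_user.username})
 
+
+ @app.post("/password-reset-request")
+ async def password_reset_request(email: str, db: Session = Depends(get_db)):
+ user = db.query(User).filter(User.email == email).first()
+ if not user:
+ raise HTTPException(status_code=404, detail="User not found")
+
+ # Generate a verification token
+ verification_token = generate_verification_token(email)
+
+ # Send a verification email with a password reset link
+ reset_link = f"https://gregniuki-loginauth.hf.space/reset-password?token={verification_token}"
+ send_verification_email(email, reset_link)
+
+ return {"message": "Password reset link sent if the email is registered with us."}
+
+ @app.post("/reset-password")
+ async def reset_password(token: str, new_password: str, db: Session = Depends(get_db)):
+ user = get_user_by_verification_token(db, token)
+ if not user:
+ raise HTTPException(status_code=400, detail="Invalid or expired token")
+
+ # Hash the new password
+ hashed_password = auth_views.pwd_context.hash(new_password)
+
+ # Update the user's password
+ user.hashed_password = hashed_password
+ user.email_verification_token = None # Clear the token
+ db.commit()
+
+ return {"message": "Password successfully reset."}
  #@app.get("/protected", response_class=HTMLResponse)
  #async def get_protected(request: Request, token: Optional[str] = None, db: Session = Depends(get_db)):
  # Try to get the token from the query parameter first, then fall back to the cookie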
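Review bot: `password_reset_request` raises `HTTPException(status_code=404, detail="User not found")` for an unknown address, which lets any caller tell registered emails from unregistered ones and contradicts the generic success message a few lines below; replace the raise with `return {"message": "Password reset link sent if the email is registered with us."}` so both cases answer identically. In `reset_password`, `token: str, new_password: str` are plain scalar parameters, which FastAPI reads from the query string, so the new password would end up in URLs and access logs; take them from the request body instead, e.g. `new_password: str = Form(...)` (importing `Form` if main.py does not already). The reset flow also reuses the email-verification token helpers, and whether the token expires or is stored on the user before the link is sent depends on `generate_verification_token` and `get_user_by_verification_token`, which are outside this hunk and worth checking.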