+
+
+ security.declarePublic('requestPasswordReset')
+ def requestPasswordReset(self, userid):
+ """ add uuid / (userid, expiration) pair and return uuid """
+ self.clearExpiredPasswordResetRequests()
+ mtool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IMembershipTool')
+ if mtool.getMemberById(userid) :
+ uuid = str(uuid4())
+ self._passwordResetRequests[uuid] = (userid, DateTime() + 1)
+ return uuid
+
+ security.declarePrivate('clearExpiredPasswordResetRequests')
+ def clearExpiredPasswordResetRequests(self):
+ now = DateTime()
+ for uuid, record in self._passwordResetRequests.items() :
+ userid, date = record
+ if date < now :
+ del self._passwordResetRequests[uuid]
+
+
+ security.declarePublic('resetPassword')
+ def resetPassword(self, userid, uuid, password, confirm) :
+ record = self._passwordResetRequests.get(uuid)
+ if not record :
+ return _('Invalid reset password request.')
+
+ recUserid, expiration = record
+
+ if recUserid != userid :
+ return _('Invalid userid.')
+
+ if expiration < now :
+ self.clearExpiredPasswordResetRequests()
+ return _('Your reset password request has expired. You can ask a new one.')
+
+ msg = self.testPasswordValidity(password, confirm=confirm)
+ if not msg : # None if everything ok. Err message otherwise.
+ mtool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IMembershipTool')
+ member = mtool.getMemberById(userid)
+ if member :
+ member.setSecurityProfile(password=password)
+ del self._passwordResetRequests[uuid]
+ return _('Password successfully resetted.')
+ else :
+ return _('"%s" username not found.') % userid
+