X-Git-Url: https://svn.cri.ensmp.fr/git/Plinn.git/blobdiff_plain/63f5e85cdbd05ac9a00a6dab60548c226981fb62..28b802bba6fb9f48d25f7738368ce3303b8f7049:/RegistrationTool.py?ds=sidebyside diff --git a/RegistrationTool.py b/RegistrationTool.py index c35cb6a..5072095 100644 --- a/RegistrationTool.py +++ b/RegistrationTool.py @@ -36,6 +36,7 @@ from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getUtilityByInterfaceName from Products.GroupUserFolder.GroupsToolPermissions import ManageGroups from Products.Plinn.utils import Message as _ +from Products.Plinn.utils import translate from Products.Plinn.utils import encodeQuopriEmail from DateTime import DateTime from types import TupleType, ListType @@ -201,6 +202,8 @@ class RegistrationTool(BaseRegistrationTool) : member = mtool.getMemberById(userid) if member : uuid = str(uuid4()) + while self._passwordResetRequests.has_key(uuid) : + uuid = str(uuid4()) self._passwordResetRequests[uuid] = (userid, DateTime() + 1) utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool') ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') @@ -211,7 +214,8 @@ class RegistrationTool(BaseRegistrationTool) : mailhost = portal.MailHost sender = encodeQuopriEmail(ptool.getProperty('email_from_name'), ptool.getProperty('email_from_address')) to = encodeQuopriEmail(member.getMemberFullName(nameBefore=0), member.getProperty('email')) - subject = "=?utf-8?q?%s?=" % encodestring('Password reset') + subject = translate(_('How to reset your password on the %s website')) % ptool.getProperty('title') + subject = "=?utf-8?q?%s?=" % encodestring(subject) lines = [] pr = lines.append pr('%s/password_reset_form/%s' % (utool(), uuid)) @@ -223,6 +227,9 @@ class RegistrationTool(BaseRegistrationTool) : charset = 'UTF-8', body=body) mailhost.send(message) + return + + return _('Unknown user name. Please retry.') security.declarePrivate('clearExpiredPasswordResetRequests') def clearExpiredPasswordResetRequests(self): @@ -234,16 +241,13 @@ class RegistrationTool(BaseRegistrationTool) : security.declarePublic('resetPassword') - def resetPassword(self, userid, uuid, password, confirm) : + def resetPassword(self, uuid, password, confirm) : record = self._passwordResetRequests.get(uuid) if not record : return _('Invalid reset password request.') - recUserid, expiration = record - - if recUserid != userid : - return _('Invalid userid.') - + userid, expiration = record + now = DateTime() if expiration < now : self.clearExpiredPasswordResetRequests() return _('Your reset password request has expired. You can ask a new one.')