[System] Send welcome and password-changed notifications, allow custom text per config file
This commit is contained in:
parent
049b64ffd5
commit
7ec37914a1
|
@ -7,6 +7,8 @@ auth = "auth_plain"
|
|||
#root = /api
|
||||
# Set secret key
|
||||
secret_key = "V3ryS3cr3t"
|
||||
# Domain used by frontend
|
||||
#domain = "flaschengeist.local"
|
||||
|
||||
[LOGGING]
|
||||
file = "/tmp/flaschengeist-debug.log"
|
||||
|
@ -34,6 +36,35 @@ enabled = true
|
|||
# admin_dn =
|
||||
# default_gid =
|
||||
|
||||
[MESSAGES]
|
||||
welcome_subject = "Welcome to Flaschengeist {name}"
|
||||
welcome_text = '''
|
||||
Hello {name}!
|
||||
Welcome to Flaschengeist!
|
||||
Have fun :)
|
||||
'''
|
||||
|
||||
password_subject = "Flaschengeist - Password reset"
|
||||
password_text = '''
|
||||
Hello {name}!
|
||||
There was a password reset request for username: {username}
|
||||
|
||||
To change your password, click on this link:
|
||||
{link}
|
||||
'''
|
||||
|
||||
password_changed_subject = "Flaschengeist - Password changed"
|
||||
password_changed_text = '''
|
||||
Hello {name}!
|
||||
Your password was changed for username: {username}
|
||||
|
||||
If this was not you, please contact the support.
|
||||
'''
|
||||
|
||||
##################
|
||||
# PLUGINS #
|
||||
##################
|
||||
|
||||
#[users]
|
||||
# always enabled
|
||||
#
|
||||
|
|
|
@ -4,6 +4,7 @@ from datetime import datetime, timedelta, timezone
|
|||
from werkzeug.exceptions import NotFound, BadRequest, Forbidden
|
||||
|
||||
from flaschengeist import logger
|
||||
from flaschengeist.config import config
|
||||
from flaschengeist.database import db
|
||||
from flaschengeist.utils.hook import Hook
|
||||
from flaschengeist.models.user import User, Role, _PasswordReset
|
||||
|
@ -35,26 +36,22 @@ def request_reset(user: User):
|
|||
if not reset.expires or reset.expires < expires:
|
||||
expires = expires + timedelta(hours=12)
|
||||
reset.expires = expires
|
||||
reset.token = secrets.token_urlsafe(16)
|
||||
|
||||
subject = "Flaschengeist - Passwort zurücksetzten"
|
||||
domain = "flaschengeist.local"
|
||||
text = f"""Hallo {user.display_name},
|
||||
Jemand hat das Zurücksetzen des Passworts für dein Flaschengeist Benutzerkonto angefordert.
|
||||
|
||||
Benutzername: {user.userid}
|
||||
|
||||
Falls das nicht beabsichtigt war, ignoriere diese E-Mail einfach. Es wird dann nichts passieren.
|
||||
|
||||
Um dein Passwort zurückzusetzen, besuche folgende Adresse, der Link ist 12 Stunden gültig:
|
||||
|
||||
<https://{domain}/reset?token={reset.token}>
|
||||
"""
|
||||
reset.token = secrets.token_urlsafe(24)
|
||||
db.session.commit()
|
||||
|
||||
subject = str(config["MESSAGES"]["password_subject"]).format(name=user.display_name, username=user.userid)
|
||||
text = str(config["MESSAGES"]["password_text"]).format(
|
||||
name=user.display_name,
|
||||
username=user.userid,
|
||||
link=f'https://{config["FLASCHENGEIST"]["domain"]}/reset?token={reset.token}'
|
||||
)
|
||||
messageController.send_message(messageController.Message(user, text, subject))
|
||||
|
||||
|
||||
def reset_password(token: str, password: str):
|
||||
if len(token) != 32:
|
||||
raise BadRequest
|
||||
|
||||
reset = _PasswordReset.query.filter(_PasswordReset.token == token).one_or_none()
|
||||
logger.debug(f"Token is {'valid' if reset else 'invalid'}")
|
||||
if not reset or reset.expires < datetime.now(tz=timezone.utc):
|
||||
|
@ -101,8 +98,13 @@ def modify_user(user, password, new_password=None):
|
|||
current_app.config["FG_AUTH_BACKEND"].modify_user(user, password, new_password)
|
||||
|
||||
if new_password:
|
||||
# TODO: Password changed mail
|
||||
logger.error(f"Password changed for user {user.userid}")
|
||||
logger.debug(f"Password changed for user {user.userid}")
|
||||
subject = str(config["MESSAGES"]["password_changed_subject"]).format(name=user.display_name, username=user.userid)
|
||||
text = str(config["MESSAGES"]["password_changed_text"]).format(
|
||||
name=user.display_name,
|
||||
username=user.userid,
|
||||
)
|
||||
messageController.send_message(messageController.Message(user, text, subject))
|
||||
|
||||
|
||||
def get_users():
|
||||
|
@ -150,6 +152,15 @@ def register(data):
|
|||
|
||||
db.session.add(user)
|
||||
db.session.commit()
|
||||
|
||||
if user.mail and len(user.mail) > 3:
|
||||
subject = str(config["MESSAGES"]["welcome_subject"]).format(name=user.display_name, username=user.userid)
|
||||
text = str(config["MESSAGES"]["welcome_text"]).format(
|
||||
name=user.display_name,
|
||||
username=user.userid,
|
||||
)
|
||||
messageController.send_message(messageController.Message(user, text, subject))
|
||||
|
||||
return user
|
||||
|
||||
|
||||
|
|
|
@ -107,7 +107,7 @@ class _PasswordReset(db.Model):
|
|||
__tablename__ = "password_reset"
|
||||
_user_id: User = db.Column("user", db.Integer, db.ForeignKey("user.id"), primary_key=True)
|
||||
user: User = db.relationship("User", foreign_keys=[_user_id])
|
||||
token: str = db.Column(db.String(30))
|
||||
token: str = db.Column(db.String(32))
|
||||
expires: datetime = db.Column(UtcDateTime)
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue