X-Git-Url: https://scm.cri.mines-paristech.fr/git/Plinn.git/blobdiff_plain/63f5e85cdbd05ac9a00a6dab60548c226981fb62..797d6a6d2797c8ff4ac50e7a107c585f838ff282:/RegistrationTool.py diff --git a/RegistrationTool.py b/RegistrationTool.py index c35cb6a..f31a5c6 100644 --- a/RegistrationTool.py +++ b/RegistrationTool.py @@ -201,6 +201,8 @@ class RegistrationTool(BaseRegistrationTool) : member = mtool.getMemberById(userid) if member : uuid = str(uuid4()) + while self._passwordResetRequests.has_key(uuid) : + uuid = str(uuid4()) self._passwordResetRequests[uuid] = (userid, DateTime() + 1) utool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IURLTool') ptool = getUtilityByInterfaceName('Products.CMFCore.interfaces.IPropertiesTool') @@ -223,6 +225,9 @@ class RegistrationTool(BaseRegistrationTool) : charset = 'UTF-8', body=body) mailhost.send(message) + return + + return _('Unknown user name. Please retry.') security.declarePrivate('clearExpiredPasswordResetRequests') def clearExpiredPasswordResetRequests(self): @@ -234,16 +239,13 @@ class RegistrationTool(BaseRegistrationTool) : security.declarePublic('resetPassword') - def resetPassword(self, userid, uuid, password, confirm) : + def resetPassword(self, uuid, password, confirm) : record = self._passwordResetRequests.get(uuid) if not record : return _('Invalid reset password request.') - recUserid, expiration = record - - if recUserid != userid : - return _('Invalid userid.') - + userid, expiration = record + now = DateTime() if expiration < now : self.clearExpiredPasswordResetRequests() return _('Your reset password request has expired. You can ask a new one.')