[Security] Added password change notifications

856631cd · Christian Dresen · 1150646e · 856631cd · 856631cd · 856631cd
Commit 856631cd authored 8 years ago by Christian Dresen
--- a/www/web/warpauth/util.py
+++ b/www/web/warpauth/util.py
+from django.utils.translation import ugettext as _
+from warpzone.util import send_email
 pages = {'pages': [
    {"link": "pizza", "name": "PizzaSheet"},
    {"link": "about", "name": "About"},
 ]}
+def send_password_change_notification(user):
+    send_email(user.email, _("Your password was changed"),_("Password changed recently"))
--- a/www/web/warpauth/views/profile.py
+++ b/www/web/warpauth/views/profile.py
@@ -90,6 +90,7 @@ def change_password(request):
        if ret == -1:
            pages["error_passwd"] = "Old password did not match"
        else:
+            send_password_change_notification(request.user.ldap_user)
            pages["success_passwd"] = True
    pages['ldap_groups'] = request.user.ldap_user.group_names
    pages['ldap_user_form'] = LdapUserForm(instance=LdapUser.objects.get(uid=str(request.user)))        

--- a/www/web/warpauth/views/reset_password.py
+++ b/www/web/warpauth/views/reset_password.py
@@ -3,11 +3,13 @@ import hashlib
 import logging
 import datetime
+from django.utils.translation import ugettext as _
 from django.core.exceptions import ObjectDoesNotExist, ValidationError
 from django.http import HttpResponse
 from django.shortcuts import render
 from warpauth.ldap_connector import LDAPConnector
-from warpzone.utils import send_email
+from warpzone.util import send_email
 from warpauth.util import *
 from warpauth.models import PasswordResetToken, LdapUser
@@ -16,8 +18,6 @@ from warpzone.settings import PW_RESET_TOKEN_LIFETIME
 #
 # Function to generate a password reset Token
-# ToDo: Implement Email with Token
-# ToDo: Remove Debug outputs
 #
 def gen_token(request):
@@ -32,7 +32,8 @@ def gen_token(request):
                p.email = usr.email
                p.hash = hashlib.sha1(os.urandom(128)).hexdigest()
                p.save()
-                ret = send_email(p.email, "Requested Password Reset", "http://localhost/reset_password/%s" % p.hash)
+                email_content = _("https://infra.warpzone.ms/reset_password/%(hash)s") % {'hash': p.hash}
+                ret = send_email(p.email, "Requested Password Reset", email_content )
                if not ret:
                    pages["error"] = "Error while sending the email. Please contact the administrator."
                logger.info("Success for %s", usr.uid)
@@ -65,6 +66,7 @@ def change_password(request, reset_hash=None):
                ldap_connector = LDAPConnector()
                ldap_connector.change_user_password(user.build_dn(), None, request.POST["password"], True)
                pw_reset_token.delete()
+                send_password_change_notification(user)
        else:
            pages["username"] = pw_reset_token.user

--- a/www/web/warpzone/utils.py
+++ b/www/web/warpzone/utils.py
@@ -14,4 +14,6 @@ def send_email(to_address, subject, content):
    except Exception as e:
        print(e)
    return False
\ No newline at end of file