1 changed files with 12 additions and 7 deletions
@ -1,13 +1,18 @@ |
|||||||
import hashlib |
import hashlib |
||||||
from django.contrib.auth.forms import PasswordResetForm |
from django.contrib.auth.forms import PasswordResetForm |
||||||
from bam.models import Account |
from django.contrib.auth.hashers import check_password |
||||||
|
from django import forms |
||||||
|
from django.utils.translation import gettext, gettext_lazy as _ |
||||||
|
from .models import Account |
||||||
|
|
||||||
|
|
||||||
class HashedEmailPasswordResetForm(PasswordResetForm): |
class HashedEmailPasswordResetForm(PasswordResetForm): |
||||||
|
username = forms.CharField(label=_('Username'), max_length=254) |
||||||
|
|
||||||
def get_users(self, email): |
def get_users(self, email): |
||||||
hashed_email = hashlib.sha256(bytes(email, 'utf-8')).hexdigest() |
accounts = Account.objects.filter( |
||||||
accounts = Account.objects.filter(hashed_email=hashed_email) |
user__username=self.cleaned_data['username'] |
||||||
if accounts.count() > 0: |
) |
||||||
return (a.user for a in accounts if a.user.has_usable_password()) |
return (a.user for a in accounts if a.user.has_usable_password() and |
||||||
else: |
(check_password(email, a.hashed_email) |
||||||
return super().get_users(email) |
or a.user.email == email)) |
||||||
|
|||||||
Loading…
Reference in new issue