PythonFreeCourse · yammesicka · Sep 26, 2021 · Sep 9, 2021 · Sep 10, 2021 · Sep 10, 2021
diff --git a/lms/lmsdb/bootstrap.py b/lms/lmsdb/bootstrap.py
@@ -1,4 +1,5 @@
 from typing import Any, Callable, Optional, Tuple, Type
+from uuid import uuid4
 
 from peewee import (
     Database, Entity, Expression, Field, Model, OP,
@@ -88,9 +89,7 @@ def get_details(table: Model, column: Field) -> Tuple[bool, str, str]:
     column_name = column.column_name
 
     cols = {col.name for col in db_config.database.get_columns(table_name)}
-    if column_name in cols:
-        return True, table_name, column_name
-    return False, table_name, column_name
+    return column_name in cols, table_name, column_name
 
 
 def _add_not_null_column(
@@ -227,22 +226,39 @@ def _add_api_keys_to_users_table(table: Model, _column: Field) -> None:
             user.save()
 
 
+def _add_uuid_to_users_table(table: Model, _column: Field) -> None:
+    log.info('Adding UUIDs for all users, might take some extra time...')
+    with db_config.database.transaction():
+        for user in table:
+            user.uuid = uuid4()
+            user.save()
+
+
 def _api_keys_migration() -> bool:
     User = models.User
     _add_not_null_column(User, User.api_key, _add_api_keys_to_users_table)
     return True
 
 
+def _uuid_migration() -> bool:
+    User = models.User
+    _add_not_null_column(User, User.uuid, _add_uuid_to_users_table)
+    return True
+
+
 def main():
     with models.database.connection_context():
+        if models.database.table_exists(models.User.__name__.lower()):
+            _api_keys_migration()
+            _uuid_migration()
+
         models.database.create_tables(models.ALL_MODELS, safe=True)
 
         if models.Role.select().count() == 0:
             models.create_basic_roles()
         if models.User.select().count() == 0:
             models.create_demo_users()
 
-    _api_keys_migration()
     text_fixer.fix_texts()
     import_tests.load_tests_from_path('/app_dir/notebooks-tests')
 

diff --git a/lms/lmsdb/models.py b/lms/lmsdb/models.py
@@ -1,19 +1,20 @@
-from collections import Counter
 import enum
 import html
 import secrets
 import string
+from collections import Counter
 from datetime import datetime
 from typing import (
     Any, Dict, Iterable, List, Optional, TYPE_CHECKING, Tuple,
     Type, Union, cast,
 )
+from uuid import uuid4
 
 from flask_babel import gettext as _  # type: ignore
 from flask_login import UserMixin, current_user  # type: ignore
 from peewee import (  # type: ignore
     BooleanField, Case, CharField, Check, DateTimeField, ForeignKeyField,
-    IntegerField, JOIN, ManyToManyField, TextField, fn,
+    IntegerField, JOIN, ManyToManyField, TextField, UUIDField, fn,
 )
 from playhouse.signals import Model, post_save, pre_save  # type: ignore
 from werkzeug.security import (
@@ -138,6 +139,10 @@ class User(UserMixin, BaseModel):
     password = CharField()
     role = ForeignKeyField(Role, backref='users')
     api_key = CharField()
+    uuid = UUIDField(default=uuid4, unique=True)
+
+    def get_id(self):
+        return str(self.uuid)
 
     def is_password_valid(self, password):
         return check_password_hash(self.password, password)
@@ -201,6 +206,7 @@ def on_save_handler(model_class, instance, created):
     is_password_changed = not instance.password.startswith('pbkdf2:sha256')
     if created or is_password_changed:
         instance.password = generate_password_hash(instance.password)
+        instance.uuid = uuid4()
 
     is_api_key_changed = not instance.api_key.startswith('pbkdf2:sha256')
     if created or is_api_key_changed:

diff --git a/lms/lmsweb/config.py.example b/lms/lmsweb/config.py.example
@@ -63,3 +63,6 @@ LOCALE = 'en'
 # Limiter settings
 LIMITS_PER_MINUTE = 5
 LIMITS_PER_HOUR = 50
+
+# Change password settings
+MAX_INVALID_PASSWORD_TRIES = 5
diff --git a/lms/lmsweb/forms/change_password.py b/lms/lmsweb/forms/change_password.py
@@ -0,0 +1,33 @@
+from flask import session
+from flask_babel import gettext as _  # type: ignore
+from flask_wtf import FlaskForm
+from wtforms import PasswordField
+from wtforms.validators import EqualTo, InputRequired, Length, ValidationError
+
+from lms.lmsweb.config import MAX_INVALID_PASSWORD_TRIES
+
+
+class ChangePasswordForm(FlaskForm):
+    current_password = PasswordField(
+        'Password', validators=[InputRequired(), Length(min=8)], id='password',
+    )
+    password = PasswordField(
+        'Password', validators=[InputRequired(), Length(min=8)], id='password',
+    )
+    confirm = PasswordField(
+        'Password Confirmation', validators=[
+            InputRequired(),
+            EqualTo('password', message=_('הסיסמאות שהוקלדו אינן זהות')),
+        ],
+    )
+
+    def __init__(self, user, *args, **kwargs):
+        super(ChangePasswordForm, self).__init__(*args, **kwargs)
+        self.user = user
+
+    def validate_current_password(self, field):
+        if session['_invalid_password_tries'] >= MAX_INVALID_PASSWORD_TRIES:
+            raise ValidationError(_('הזנת סיסמה שגויה מספר רב מדי של פעמים'))
+        if not self.user.is_password_valid(field.data):
+            session['_invalid_password_tries'] += 1
+            raise ValidationError(_('הסיסמה הנוכחית שהוזנה שגויה'))
diff --git a/lms/lmsweb/forms/reset_password.py b/lms/lmsweb/forms/reset_password.py
@@ -0,0 +1,27 @@
+from lms.lmsweb.tools.validators import EmailNotExists
+from flask_babel import gettext as _  # type: ignore
+from flask_wtf import FlaskForm
+from wtforms import StringField
+from wtforms.fields.simple import PasswordField
+from wtforms.validators import Email, EqualTo, InputRequired, Length
+
+
+class ResetPassForm(FlaskForm):
+    email = StringField(
+        'Email', validators=[
+            InputRequired(), Email(message=_('אימייל לא תקין')),
+            EmailNotExists,
+        ],
+    )
+
+
+class RecoverPassForm(FlaskForm):
+    password = PasswordField(
+        'Password', validators=[InputRequired(), Length(min=8)], id='password',
+    )
+    confirm = PasswordField(
+        'Password Confirmation', validators=[
+            InputRequired(),
+            EqualTo('password', message=_('הסיסמאות שהוקלדו אינן זהות')),
+        ],
+    )
diff --git a/lms/lmsweb/tools/validators.py b/lms/lmsweb/tools/validators.py
@@ -19,3 +19,11 @@ def UniqueEmailRequired(
     email_exists = User.get_or_none(User.mail_address == field.data)
     if email_exists:
         raise ValidationError(_('האימייל כבר נמצא בשימוש'))
+
+
+def EmailNotExists(
+    _form: 'ResetPassForm', field: StringField,  # type: ignore # NOQA: F821
+) -> None:
+    email_exists = User.get_or_none(User.mail_address == field.data)
+    if not email_exists:
+        raise ValidationError(_('האימייל לא רשום במערכת'))