diff --git a/app/api/routes/routes.py b/app/api/routes/routes.py index 2d13288..f5d2719 100644 --- a/app/api/routes/routes.py +++ b/app/api/routes/routes.py @@ -44,12 +44,27 @@ def serve_paths(filename): @api.route("/panel/auth/reset", methods=["POST"]) -@jwt_required() +# @jwt_required() def merms_reset(): data = request.get_json() response = LoginService.process_reset(data) return response +@api.route("/panel/auth/resetverify", methods=["POST"]) +# @jwt_required() +def merms_resetverify(): + data = request.get_json() + response = LoginService.verify_reset(data) + return response + +@api.route("/panel/auth/resetcomplete", methods=["POST"]) +# @jwt_required() +def merms_resetcomplete(): + data = request.get_json() + response = LoginService.complete_reset(data) + return response + + @api.route("/panel/Login", methods=["POST"]) @jwt_required() diff --git a/app/api/services/login.py b/app/api/services/login.py index 7b32463..06b0315 100644 --- a/app/api/services/login.py +++ b/app/api/services/login.py @@ -63,7 +63,91 @@ class LoginService(BaseService): db.session.rollback() return ResponseHelper.internal_server_error() + @staticmethod + def verify_reset(data): + try: + with db.session.begin(): + validated_data = LoginService.validate_data(data, ResetPassStart()) + username = validated_data.get('username') + member = Members.get_member_by_username(username) + if not member: + invalid_data = { + "error_message": "You will get email to continue the process if the account is valid", + "reset_message": "", + "message_key": "invalid_username_or_password", + } + return ResponseHelper.success(data=invalid_data) + reset_data = PasswordReset.create_reset(username=username) + BaseService.send_resetpass_mail(member.email, str(member.uid), member.id, "FF", + "LL") # pending_uid, pending_id, firstname, lastname + + response_data = { + "error_message": "", + "reset_message": "Check your email to continue password reset.", + "message_key": "check_your_email_message", + } + + return ResponseHelper.success(data=response_data) + + except ValidationError as err: + + logger.error(f"Validation Error: {getattr(err, 'messages', str(err))}") + db.session.rollback() + return ResponseHelper.unprocessable_entity(result_description="Validation exception") + + except ValueError as err: + logger.error(f"{getattr(err, 'messages', str(err))}") + db.session.rollback() + return ResponseHelper.error(result_description=str(err)) + + except Exception as e: + logger.error(f"An error occurred: {str(e)}", exc_info=True) + db.session.rollback() + return ResponseHelper.internal_server_error() + + @staticmethod + def complete_reset(data): + try: + with db.session.begin(): + + validated_data = LoginService.validate_data(data, ResetPassStart()) + username = validated_data.get('username') + member = Members.get_member_by_username(username) + if not member: + invalid_data = { + "error_message": "You will get email to continue the process if the account is valid", + "reset_message": "", + "message_key": "invalid_username_or_password", + } + return ResponseHelper.success(data=invalid_data) + reset_data = PasswordReset.create_reset(username=username) + BaseService.send_resetpass_mail(member.email, str(member.uid), member.id, "FF", + "LL") # pending_uid, pending_id, firstname, lastname + + response_data = { + "error_message": "", + "reset_message": "Check your email to continue password reset.", + "message_key": "check_your_email_message", + } + + return ResponseHelper.success(data=response_data) + + except ValidationError as err: + + logger.error(f"Validation Error: {getattr(err, 'messages', str(err))}") + db.session.rollback() + return ResponseHelper.unprocessable_entity(result_description="Validation exception") + + except ValueError as err: + logger.error(f"{getattr(err, 'messages', str(err))}") + db.session.rollback() + return ResponseHelper.error(result_description=str(err)) + + except Exception as e: + logger.error(f"An error occurred: {str(e)}", exc_info=True) + db.session.rollback() + return ResponseHelper.internal_server_error() @staticmethod def process_request(data):