Merge pull request #135 from fsinfuhh/generate_reset_url

Generate password reset url
fsinfuhh · Oct 8, 2023 · 221e630 · 221e630
2 parents a59bade + 7410456
commit 221e630
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 5 deletions.
diff --git a/mafiasi/registration/urls.py b/mafiasi/registration/urls.py
@@ -9,6 +9,7 @@
     path("change_email/<token>", change_email, name="registration_change_email"),
     path("request_successful", request_successful, name="registration_request_successful"),
     path("account", account_settings, name="registration_account"),
+    path("password_reset", password_reset, name="registration_password_reset"),
 ]
 
 if settings.REGISTER_ENABLED:

diff --git a/mafiasi/registration/views.py b/mafiasi/registration/views.py
@@ -1,4 +1,5 @@
 from smtplib import SMTPRecipientsRefused
+from urllib.parse import urlencode
 
 from django.conf import settings
 from django.contrib import messages
@@ -316,11 +317,12 @@ def _finish_account_request(request, info):
 
 def _send_email_exists(request, username):
     email = Mafiasi.objects.get(username=username).real_email
+    password_reset_url = request.build_absolute_uri(reverse("registration_password_reset"))
     email_content = render_to_string(
         "registration/email_exists.txt",
         {
             "username": username,
-            "password_reset_url": settings.PASSWORD_RESET_URL,
+            "password_reset_url": password_reset_url,
         },
     )
     return _send_mail_or_error_page(
@@ -357,3 +359,20 @@ def _send_mail_or_error_page(subject, content, address, request, email_shown):
             "email": email_shown,
         },
     )
+
+
+def password_reset(request):
+    password_reset_url = settings.PASSWORD_RESET_URL
+    if password_reset_url is None:
+        password_reset_url = (
+            settings.OPENID_ISSUER
+            + "/login-actions/reset-credentials?"
+            + urlencode(
+                {
+                    "response_type": "code",
+                    "client_id": settings.OPENID_CLIENT_ID,
+                    "redirect_uri": request.build_absolute_uri(reverse(settings.LOGIN_URL)),
+                }
+            )
+        )
+    return redirect(password_reset_url)
diff --git a/mafiasi/settings.py b/mafiasi/settings.py
@@ -30,10 +30,9 @@
 KEYCLOAK_ACCOUNT_CONSOLE_URL = env.str(
     "MAFIASI_KEYCLOAK_ACCOUNT_CONSOLE_URL", default="https://identity.mafiasi.de/realms/mafiasi/account"
 )
-PASSWORD_RESET_URL = env.str(
-    "MAFIASI_PASSWORD_RESET_URL",
-    default="https://identity.mafiasi.de/realms/mafiasi/login-actions/reset-credentials",
-)
+
+# If this is None, it is automatically generated from OPENID_ISSUER
+PASSWORD_RESET_URL = env.str("MAFIASI_PASSWORD_RESET_URL", default=None)
 
 OPENID_SYNC_SUPERUSER = env.bool("MAFIASI_OPENID_SYNC_SUPERUSER", default=True)
 if OPENID_SYNC_SUPERUSER: