From 6a89e6ed6f4bbcf372977df543b3be57122cff72 Mon Sep 17 00:00:00 2001 From: Ilya Beda Date: Mon, 18 Nov 2024 12:43:13 +1100 Subject: [PATCH] User friendly error whenset pasword link is expired Ref https://github.com/HadleyLab/ucfwealth/issues/42 --- resources/seeds/NotificationTemplate/reset-user-password.yaml | 1 + ucf-app/app/auth/operations.py | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/resources/seeds/NotificationTemplate/reset-user-password.yaml b/resources/seeds/NotificationTemplate/reset-user-password.yaml index f64aac3..afdfdaf 100644 --- a/resources/seeds/NotificationTemplate/reset-user-password.yaml +++ b/resources/seeds/NotificationTemplate/reset-user-password.yaml @@ -5,6 +5,7 @@ template: |-
Please click on the link below to reset your password: {{ confirm-href }}

+ The link is valid for 24 hours.
If you did not request a password reset, please do not click the link to reset your password. If you have received this message in error, or if you have any questions or concerns, please contact us at Dexter.Hadley@ucf.edu
diff --git a/ucf-app/app/auth/operations.py b/ucf-app/app/auth/operations.py index ce65dfa..410c162 100644 --- a/ucf-app/app/auth/operations.py +++ b/ucf-app/app/auth/operations.py @@ -112,11 +112,11 @@ async def set_password_op(operation, request): await client.resources("SetPasswordToken").search(_id=set_password_token_id).first() ) if not is_set_password_token_valid(set_password_token): - raise OperationOutcome(reason="Invalid request") + raise OperationOutcome(reason="The reset password link is expired, please request a new one") user = await set_password_token["user"].to_resource() await user.patch(**{"password": password}) await set_password_token.patch(**{"status": "used"}) await remove_user_sessions(db, user.id) - return web.json_response({"message": "The password was successfully changed"}) \ No newline at end of file + return web.json_response({"message": "The password was successfully changed"})