resets passwords

2026-01-29 20:51:14 -08:00
parent 86a09225e7
commit 607e65560c
10 changed files with 412 additions and 32 deletions
--- a/app.py
+++ b/app.py
@@ -170,6 +170,11 @@ def session_login():
        # Optional: short session
        session["expires_at"] = (datetime.utcnow() + timedelta(hours=8)).isoformat()

+        # Check if user needs password reset
+        user_profile = get_user_profile(uid)
+        if user_profile.get("password_reset_required"):
+            return jsonify({"requires_password_reset": True})
+
        return jsonify({"ok": True})
    except Exception as e:
        print("[ERR] session_login:", e)
@@ -182,6 +187,52 @@ def logout():
    return redirect(url_for("login"))


+@app.route("/require-password-reset")
+@login_required
+def require_password_reset():
+    """Show password reset page for users who need to reset their password"""
+    return render_template("require_password_reset.html")
+
+
+@app.route("/reset-password-submit", methods=["POST"])
+@login_required
+def reset_password_submit():
+    """Handle password reset form submission"""
+    uid = session.get("uid")
+    profile = get_user_profile(uid)
+
+    new_password = request.form.get("new_password")
+    confirm_password = request.form.get("confirm_password")
+
+    # Validate passwords match
+    if new_password != confirm_password:
+        flash("Passwords do not match", "error")
+        return redirect(url_for("require_password_reset"))
+
+    # Validate password length
+    if len(new_password) < 6:
+        flash("Password must be at least 6 characters", "error")
+        return redirect(url_for("require_password_reset"))
+
+    # Update password in Firebase Auth
+    try:
+        fb_auth.update_user(uid, password=new_password)
+        print(db.collection("users").document(uid))
+
+        # Clear the password reset required flag in Firestore
+        db.collection("users").document(uid).set({"password_reset_required": False},merge=True)
+        print(db.collection("users").document(uid))
+
+        print(f"[INFO] Password reset successful for user {uid}")
+    except Exception as e:
+        print(f"[ERR] Failed to reset password for {uid}: {e}")
+        flash("Failed to reset password. Please try again.", "error")
+        return redirect(url_for("require_password_reset"))
+
+    # Allow user to login now
+    return redirect(url_for("login"))
+
+
@app.route("/welcome")
@login_required
 def welcome():