1. Fixed an issue where resetting the password from the password reset link was not working. #7500

2. Fixed an issue where the recover password button was enabled even when no email id was provided. #7487
2024-11-22 08:46:39 -06:00 · 2024-05-24 13:18:05 +05:30 · 2024-05-24 13:18:05 +05:30 · 36a71dc7fa
commit 36a71dc7fa
parent 6179638fee
2 changed files with 9 additions and 5 deletions
--- a/web/pgadmin/browser/init.py
+++ b/web/pgadmin/browser/init.py
@ -1073,7 +1073,7 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:

        for errors in form.errors.values():
            for error in errors:
-                flash(error, MessageType.WARNING)
+                flash(str(error), MessageType.WARNING)

        return _security.render_template(
            config_value('FORGOT_PASSWORD_TEMPLATE'),
@ -1108,6 +1108,9 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
        form_class = _security.forms.get('reset_password_form').cls
        form = form_class(request.form) if request.form else form_class()

+        if sys.version_info >= (3, 8):
+            form.user = user
+
        if form.validate_on_submit():
            try:
                update_password(user, form.password.data)
@ -1135,7 +1138,7 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
                has_error = True

            if not has_error:
-                after_this_request(view_commit)
+                view_commit()
                auth_obj = AuthSourceManager(form, [INTERNAL])
                session['_auth_source_manager_obj'] = auth_obj.as_dict()

@ -1150,8 +1153,9 @@ if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:
                auth_obj = AuthSourceManager(form, [INTERNAL])
                session['auth_source_manager'] = auth_obj.as_dict()

-                return redirect(get_url(_security.post_reset_view) or
-                                get_url(_security.post_login_view))
+                return redirect(
+                    current_app.config['SECURITY_POST_RESET_VIEW'] or
+                    current_app.config['SECURITY_POST_LOGIN_VIEW'])

        return _security.render_template(
            config_value('RESET_PASSWORD_TEMPLATE'),
--- a/web/pgadmin/static/js/SecurityPages/ForgotPasswordPage.jsx
+++ b/web/pgadmin/static/js/SecurityPages/ForgotPasswordPage.jsx
@ -19,7 +19,7 @@ export default function ForgotPasswordPage({csrfToken, actionUrl, ...props}) {
        <div>{gettext('Enter the email address for the user account you wish to recover the password for:')}</div>
        <InputText name="email" value={form.email} onChange={(v)=>onTextChange('email', v)} placeholder={gettext('Email Address')} autoFocus
          controlProps={{autoComplete: null}} />
-        <SecurityButton name="internal_button" value="Recover Password">{gettext('Recover Password')}</SecurityButton>
+        <SecurityButton name="internal_button" value="Recover Password" disabled={!form.email}>{gettext('Recover Password')}</SecurityButton>
      </form>
    </BasePage>
  );