From e8ac62cdd888295fb590b2e4d6f903b3c753fa85 Mon Sep 17 00:00:00 2001 From: Ozzieisaacs Date: Wed, 13 May 2020 20:15:35 +0200 Subject: [PATCH] Moved password replace to prevent incomplete session --- cps/helper.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cps/helper.py b/cps/helper.py index ee733983..d369a6d0 100644 --- a/cps/helper.py +++ b/cps/helper.py @@ -450,11 +450,11 @@ def reset_password(user_id): existing_user = ub.session.query(ub.User).filter(ub.User.id == user_id).first() if not existing_user: return 0, None - password = generate_random_password() - existing_user.password = generate_password_hash(password) if not config.get_mail_server_configured(): return 2, None try: + password = generate_random_password() + existing_user.password = generate_password_hash(password) ub.session.commit() send_registration_mail(existing_user.email, existing_user.nickname, password, True) return 1, existing_user.nickname