Add password reset mechanism (Issue #1)

- Added reset_token and reset_token_expiry fields to User model - Implemented generate_reset_token(), verify_reset_token(), and clear_reset_token() methods - Created password reset request form (/password-reset-request) - Created password reset form (/password-reset/<token>) - Added "Forgot password?" link to login page - Reset tokens expire after 1 hour for security - Created migration script to add new database columns - Reset links are logged (would be emailed in production) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-11 18:46:18 -05:00
parent a1d8c9d373
commit 51911f2c48
6 changed files with 244 additions and 0 deletions
--- a/migrate_password_reset.py
+++ b/migrate_password_reset.py
@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+"""
+Database migration to add password reset fields to users table.
+Run this once to add the new columns for password reset functionality.
+"""
+
+import sys
+from app import app, db
+
+def migrate():
+    """Add password reset columns to users table"""
+    with app.app_context():
+        try:
+            # Check if columns already exist
+            from sqlalchemy import inspect
+            inspector = inspect(db.engine)
+            columns = [col['name'] for col in inspector.get_columns('users')]
+
+            if 'reset_token' in columns and 'reset_token_expiry' in columns:
+                print("✓ Password reset columns already exist")
+                return True
+
+            # Add the new columns using raw SQL
+            with db.engine.connect() as conn:
+                if 'reset_token' not in columns:
+                    print("Adding reset_token column...")
+                    conn.execute(db.text(
+                        "ALTER TABLE users ADD COLUMN reset_token VARCHAR(100) UNIQUE"
+                    ))
+                    conn.execute(db.text(
+                        "CREATE INDEX IF NOT EXISTS ix_users_reset_token ON users(reset_token)"
+                    ))
+                    conn.commit()
+
+                if 'reset_token_expiry' not in columns:
+                    print("Adding reset_token_expiry column...")
+                    conn.execute(db.text(
+                        "ALTER TABLE users ADD COLUMN reset_token_expiry TIMESTAMP"
+                    ))
+                    conn.commit()
+
+            print("✓ Password reset columns added successfully")
+            return True
+
+        except Exception as e:
+            print(f"✗ Migration failed: {e}")
+            import traceback
+            traceback.print_exc()
+            return False
+
+if __name__ == '__main__':
+    print("Running password reset migration...")
+    success = migrate()
+    sys.exit(0 if success else 1)