6 changed files with 9 additions and 39 deletions
--- a/9
+++ b/9
@ -1,9 +0,0 @@
 FROM greyltc/archlinux-aur:yay
 WORKDIR /alkator
 COPY . .
 run pacman -Syu python python-weasyprint python-dateutil python-django npm --noconfirm
 RUN sudo -u ab -D~ bash -c 'yay -Syu --removemake --needed --noprogressbar --noconfirm python-daphne'
 RUN cd frontent && npm install && npm run build && rm -rf node_modules && cd ..
 RUN python manage.py collectstatic
 EXPOSE 8002
 CMD ["/usr/bin/daphne", "alkator.asgi:application", "-p", "8002"]
--- a/alkator/settings.py
+++ b/alkator/settings.py
@ -32,7 +32,6 @@ CSRF_TRUSTED_ORIGINS  = ['https://alkator.cz', 'https://beta.alkator.cz']
 # Application definition
 INSTALLED_APPS = [
    'daphne',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
@ -71,7 +70,6 @@ TEMPLATES = [
 ]
 WSGI_APPLICATION = 'alkator.wsgi.application'
 ASGI_APPLICATION = 'alkator.asgi.application'
 SESSION_COOKIE_SECURE = True
--- a/alkator/urls.py
+++ b/alkator/urls.py
@ -16,7 +16,6 @@ Including another URLconf
 """
 from django.contrib import admin
 from django.urls import path
 from django.conf.urls.static import static
 from alkatorapi.views import (
    register_user, register_racer,
    login, logout,
@ -52,4 +51,4 @@ urlpatterns = [
    path('api/cart/select_delivery', select_delivery),
    path('api/cart/delivery', delivery),
    path('api/forgotten_password', forgotten_password),
-] + static('/', document_root='frontend/build')
+]
--- a/alkatorapi/admin.py
+++ b/alkatorapi/admin.py
@ -10,7 +10,7 @@ class RacerAdmin(admin.ModelAdmin):
@admin.register(Product)
 class ProductAdmin(admin.ModelAdmin):
-    list_display = ("name", "description", "price", "hidden", "quantity")
+    list_display = ("name", "description", "price", "quantity")
@admin.register(Invoice)
--- a/alkatorapi/views.py
+++ b/alkatorapi/views.py
@ -85,43 +85,24 @@ def forgotten_password(request):
        user = DjangoUser.objects.get(username=request.POST['email'])
    except DjangoUser.DoesNotExist:
        return HttpResponse('{"reason":"Účet nenalezen!"}', status=404, content_type='application/json')
-    if user.profile.forgotten_password_code != request.POST['code'].strip():
+    if user.profile.forgotten_password_code != request.POST['code']:
        return HttpResponse('{"reason":"Špatný kód!"}', status=400, content_type='application/json')
    user.set_password(request.POST['password1'])
    user.save()
    user.profile.forgotten_password_code = None
    user.profile.save()
    auth_login(request, user)
    return HttpResponse('{"success":"Úspěšně změněné heslo uživatele ' + user.email + '!", "redirect":"/#"}', content_type='application/json')
@csrf_exempt
 def login(request):
    if "forgotten_password" in request.POST:
        email = request.POST["email"]
-        try:
+        user = DjangoUser.objects.get(username=email)
            user = DjangoUser.objects.get(username=email)
        except DjangoUser.DoesNotExist:
            return HttpResponse('{"reason":"Nezadané jméno nebo uživatel neexistuje!"}', status=404, content_type='application/json')
        code = secrets.token_urlsafe(10)
        user.profile.forgotten_password_code = code
        user.profile.save()
-        mail = EmailMessage("zapomenuté heslo v Alkátor Race", f"""Zdravím tě Alkátore,
+        mail = EmailMessage("zapomenuté heslo v Alkátor Race", f"""{code} https://alkator.cz/#forgotten_password""", "info@alkator.cz", [request.POST["email"]])
-
+        mail.send()
-kód pro změnu hesla: {code}
+        return HttpResponse('{"success":"Úspěšně poslán kód pro obnovení hesla uživatele '+ user.email + '", "redirect":"/#forgotten_password"}', content_type='application/json')
 Změna hesla probíhá na stránce: https://alkator.cz/#forgotten_password
 Na tento email není třeba odpovídat, protože je generován automaticky. V případě potřeby pište na info@alkator.cz .
 ALKÁTOR TEAM
 email: info@alkator.cz
 tel: + 420 728 018 088
 web: https://alkator.cz""", "info@alkator.cz", [email])
        if mail.send():
            return HttpResponse('{"success":"Úspěšně poslán kód pro obnovení hesla uživatele '+ user.email + '", "redirect":"/#forgotten_password"}', content_type='application/json')
        else:
            return HttpResponse('{"reason":"Nepovedlo se odelat email"}', status=400, content_type='application/json')
    else:
        try:
            user = authenticate(request, username=request.POST['email'], password=request.POST['password'])
@ -136,6 +117,7 @@ web: https://alkator.cz""", "info@alkator.cz", [email])
@csrf_exempt
 def logout(request):
    auth_logout(request)
    return redirect("/#")
--- a/frontend/src/scripts/index.js
+++ b/frontend/src/scripts/index.js
@ -515,7 +515,7 @@ class Main extends Component {
                <label for="password2" class="form-label">Nové heslo znova:</label>
                <input type="password" class="form-control" name="password2"/>
            </div>
-            <button type="submit" class="btn btn-primary">Obnovit heslo a přihlásit</button>
+            <button type="submit" class="btn btn-primary">Přihlásit</button>
        </form>
    </div>
    }