Disable password reset as temporary fix to vulnerability (#396)

Disabled password reset and left message notifying user of problem. In response to CVE-2019-19844
2026-01-17 05:22:16 +00:00 · 2020-01-17 13:13:16 +00:00
parent 4ad12ab40a
commit e0c6a56263
3 changed files with 14 additions and 1 deletions
--- a/RIGS/views.py
+++ b/RIGS/views.py
@@ -392,3 +392,7 @@ class ResetApiKey(generic.RedirectView):
        self.request.user.save()

        return reverse_lazy('profile_detail')
+
+
+class PasswordResetDisabled(generic.TemplateView):
+    template_name = "RIGS/password_reset_disable.html"