From f7d2e8563b50412d94f820bce6e0b5a5448dddc6 Mon Sep 17 00:00:00 2001
From: starnakin <camille@chauvet.pro>
Date: Sun, 12 Feb 2023 12:29:18 +0100
Subject: [PATCH] addd password recovery

---
 __pycache__/database.cpython-310.pyc          | Bin 1162 -> 2350 bytes
 __pycache__/mail.cpython-310.pyc              | Bin 0 -> 957 bytes
 database.json                                 |  15 +++-
 database.py                                   |  46 ++++++++--
 .../2029240f6d1128be89ddc32729463129          | Bin 9 -> 9 bytes
 .../320444fe8859cda10187fa078aaa3674          | Bin 49 -> 0 bytes
 mail.py                                       |   8 +-
 main.py                                       |  40 +++++++--
 templates/connected.html                      |  14 +++
 templates/error.html                          |  16 ++++
 templates/forgot.html                         |  83 ++++++++++++++++++
 templates/mails/password_recovery.html        |  76 ++++++++++++++++
 templates/reset.html                          |  83 ++++++++++++++++++
 13 files changed, 362 insertions(+), 19 deletions(-)
 create mode 100644 __pycache__/mail.cpython-310.pyc
 delete mode 100644 flask_session/320444fe8859cda10187fa078aaa3674
 create mode 100644 templates/connected.html
 create mode 100644 templates/error.html
 create mode 100644 templates/forgot.html
 create mode 100644 templates/mails/password_recovery.html
 create mode 100644 templates/reset.html

diff --git a/__pycache__/database.cpython-310.pyc b/__pycache__/database.cpython-310.pyc
index 7b9825e21f446bcd229d26411385eb6bea224275..bea011148a7a1b77b8b3dd82dd9adb11462e1482 100644
GIT binary patch
literal 2350
zcmaJ?OLH4V5T2QRSe9j3mX+9Y-XR4Dh!r3}4irT}uDC*((_U07_1KcFhnX2AQA#;E
z9Qg+v<O2u)1bza4VXs{9**7lG-K&=shppP)omcnQUq7a|x|$XE{PE}Cjo(8d{-VMB
z<Ky64e625q00FWsIx><S6{(IFd6MQ-+mC$y22r3Tc;G|utBOMHorq{jhocOHr!rcG
zCCI!HQ5Kf<%D#duti17~9E~8SSNDBbg*?vW$LniQz|k77uj2_Him-t*g}Ip$T*I05
zxtZ&*i8DpEx`kFZpv=~`;Reo^Xf(EV6K>(mwXwC^a0f@%$Gh*sJsfS0*Y3l6INAcW
zCn^uliJyv>gg>>qgQwpm!HcFgIthO4Yctq=wYF1**v0kO>YYQ|>z)&Z6`6#sF6gdH
zg1*(pHb}|*qj2y&zBYrxiIF@Nd*V#)R+L%7nZ%3R?K5F0S}gu~RBiS;x@ui)y75t~
zTYajZSD&HkUiI1F2i@)OwVa+oIUXd-2in!xI%%<FF(XZmv<JEqx7rPi@${i(f=-|=
z9-tslP91tfaimV=YdMq$_-FEfK!*}!nE<O@LrN-siaNA9HjQQy{7mGSRa#Q~Niu|_
z*0yfulUc#_WPJj&Rv*+D7ahAGUJ5cJeSFOZZ48Zeebc>!nv74Vydc+{7>W}K;>g<*
zhIE{zr}0B-7mcs5!J2;AvW|>gkg}XKW&FI;khxBpNV(Z0u|;AUsnn}1yUTic_crah
zfg;Hq$JV~+8EBBL$>ZTqfG_97ef%N%hZ2cbPK_`K&L1jtO#X(!pfbeNRFp03)lEE5
z36iiGTTISmnZ7lrU%GKvT3saHB_6VW=FN^oYZELrJ_(CnWMTkLA>zYQdSvC6G=%Rh
z^poVVpWtd5h7saTJs2ub;QgY?0{jz&K6xX5D2M8lN-Wql<iI)casDqpuY$hYfB2*l
zq=EM^Lz19AaN3$%xF=d_*_w?z+T6p@BIbOfsT)VNiDz`cVyhE*S(F&r5AgRb>{I3^
zi9cf=5M@g`|1jV}P*d(1b0uU%<~C|g6x5Tje~j%wn{}K>iM|SBsnLwP2b!s!A|+PG
z9B)hW5oyGfx7yjnZ}dQ4%17dA!nnzku{9J}hab~_fdoUKU|^Qe#}r8{<mo0=Us?oM
zer&Er#y+IIB@z!&TrxdhbF)&YNZyHc#<mvB6lR*!V%s6rTol!-^iN#7APAQ`Q5pa)
zzp=YSQ>XWQp7g6qay#8M=j62Ge2P}M^h?rw_J4THBV3)gZRqHXYQuglIA6ZfFtPlY
z4u4L9{w}dh0iLEMMZ*avN9q*2+iU5tA)H_vaQ+C>lDcu)7KW1B!r8bjaPUKO7f&aC
zzuyA9jZi*jAJa^^gKOps5(}WW8%ARyU&Yo}xSj8<9QNh{c4+eiXDa0=ba+KV-4J#|
z9nDZ2&6gyo4h?4&<z*7!mD$$Zp7=^)kZHO5^<J;d9he&?cN;ESu89;jC8eRvNnK$c
z3B;Ti><`~CnXfxN=(qJZl)3hO6eYX~Gcu<_nN=B;_lhCDUePZGSwF96MC1PeZH~qE

literal 1162
zcmZWo&2G~`5Z+n;#7R>pO-rT1g{vhX962C_pjV=zaI%CfC%YvkPEvL^&{VF3l=2?Q
zu@@f5R}QEb9)L@k*^st`k#;;YJD&OGXD8d+HHOsv{<Hs!Gxmd&yX2zs5|93hOfUgC
z8$k>s9&;d_=T7WM5Y8N8SGo&NxJ!tA;R*kO#T8MJ!7&$ss9v~n^{-YFTd37Y6Lq|I
z#kL61vUSJO5KXkyZNwdnxGi{>MXf7D!6IJz@3Qgi@Kx!(ok}(9oHd@bMQYMss^yc9
zdNMA(sg_Fj$^9;2iR?8V9UwDo0ZZ0pm(Yp0qDo6A&GSp9Dkxj_`)PYH8OgRbsT!xl
zY}`JSpW8<mdeT0cy^-T-H#71!_sOiRevl@y*(r*qi~*=BMfc<=&GJ5=ye7J)%ofxm
z6bzfQL-xLT4h9NX@FkmrfCE;rAy>Nva0UqZlOvEvyrU>s<gDVmd8SS24&_W^K{VLX
zB_y}?D5|^MSwl>Ev&3Q|UrnqAdk_G>cCS^4>OWX1)lCEIs2D_r=-ANdGUcHm0{a(!
zDAs1$8evJ~DS~X^wQWru6v<_9l4|{BqC}rEtjR%v;@a*!M1e+Dz!J{6;R~l=#x3|9
zGPKY(u2FcUKS=dJs<=wu#K=>#ny;UY5rZimZPcZ+LfOQ)abul7v44t9>_IAoooWlc
zHBGDr`=IWj@E_uhc~XxMHCv%BxB$Vw@dJi$hGQMh!Y!cSOWJR@b4BG}T_c@&Q*-?I
zS>)N4mJZIW^m;QRwc0_SxRU8arz5HMP}_tX_6M>*Ox8v1ql@;Dh0p?Q`F#{iUr8;E
zj>6bC_?kpdQEo*&w;4(<dZmYtDwno-cE{8%UDImVx!DHTaOwfsZXV7`vfCCsA5FwG
ZmoI34G@)(ciwJlPPw0eR%W1ix_XpKF?g{_^

diff --git a/__pycache__/mail.cpython-310.pyc b/__pycache__/mail.cpython-310.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7b7772bcc4366ca98bcc79eb47efcaf3db45f598
GIT binary patch
literal 957
zcmYjP&1+LZ5Z`^Do3FM=tfqno^%BuUrC7uw1#3ZRN-+iTUBdS5rg`oAVt11^AwAWr
z_z!qUy!q#N-Kz)bzn~z_zN%!0nc4XbGdnvoS*=z^aGqcO2-j?cz8holcwlS+%eNpH
zVmL;@mBs-E+lsBk4s2{NJ9ZK`aN+JSmwC)*gq1$Kfyc_+XBFTo_xm2Jv84}AKp5_#
z=JF-vMSD%GYn|7fSDj(3qMQl^05QM;KU0&cl<}ihHX5{2uA*-kp~(szs%$G9(BX)y
zRxYy1t-CwB8{Pi>XM><~GECW%^?P({{b@Sh*gl)o)9j((c|2YWX}a2zT#UHTPM!&+
zU7pY=)+DD=o@RpSDvM+u({V4Q3D?AUdz3Nl%i-ZM50$PKP?)8Prz(U7{y(O11o$Pe
z`~pIu3v_NP%y0uuZDwtvsnIrQ4B7#0&n#t6E#_WWbBvL4X6_uFJIXuuA<k<ckUm5^
zjC`~|-9C4x?u-CdDm>)|np+qFR=UDW{#kjB<}jXjFdzr$q8L>dJx21)DZF9mJupKs
zjLM!cB?r!q$dbT1$b?xA?F>{B3kR;k1p%Y+iyxmUVSXum16G6uN_*hxM@QPDO3`p2
zOiQ#4^V6%L;8gJ*<9!NK?)^;xy-ZXdM~4CFb`JJ?-R`b-<LoF(10s3Kiiwn{>`5h}
z^r-2Hl6lh<CMrf0CDh;+I409qB(8(;^Fe!%CA=*a6)8Q5()KnVwfDJ@S$lun;pwm&
zDc&~OTlrX*%u_vMEkUrXgYa+_6QC7LtTn5SZ{j<@#SL&YOJW6-xCSDq7c0|BqJ+1S
zf6H66B3NE<DOls87sBL+hA2_wDr#L2tHw(<lZ*{x{sI;qNdpl?pqeVSYztqJ_iK&(
E0i9s)I{*Lx

literal 0
HcmV?d00001

diff --git a/database.json b/database.json
index 24754f9..33f2594 100644
--- a/database.json
+++ b/database.json
@@ -1 +1,14 @@
-{"users": {"1": {"camille@chauvet.pro": "b'$2b$12$AMuNu9CU/lUyaQjDmyWypeVg8beyRA795lrldMGAmHMXaeyfNnke.'"}}}
\ No newline at end of file
+{
+    "users": {
+        "1": {
+            "email": "camille@chauvet.pro",
+            "password": "b'$2b$12$FVOKVF9p/SlSv9ANVNDW.eOmv1f3qtB0WU86g4ED4B8J2fMBPZu7.'"
+        },
+        "2": {
+            "email": "spam@camille.chauvet.pro",
+            "password": "b'$2b$12$D2DexgunhMTbYWkXmEQKw.Aa13W9QZE4CjsNUyaU5bSaZ8ZpdJ2hO'"
+        }
+    },
+    "resets": {},
+    "_default": {}
+}
\ No newline at end of file
diff --git a/database.py b/database.py
index 71bb00c..4455776 100644
--- a/database.py
+++ b/database.py
@@ -1,27 +1,59 @@
-from tinydb import TinyDB, Query
+from tinydb import TinyDB, where, Query
+import uuid
 import hasher
 
-db = TinyDB("./database.json")
+db = TinyDB("./database.json", indent=4)
+query = Query()
+
 users = db.table("users");
 
 def get_users():
     return (users.all())
 
 def get_user_by_email(email: str):
-    for user in get_users():
-        if (list(user.keys())[0] == email):
-            return (user);
+    user_lst = users.search(query.email == email)
+    if (user_lst == []):
+        return (None)
+    return (user_lst[0])
+
+def email_exist(email: str) -> bool:
+    return (get_user_by_email(email) != None)
 
 def user_exist(email: str):
     return (get_user_by_email(email) != None)
 
 def add_user(email: str, password: str):
     password_hashed = hasher.hash_text(password)
-    users.insert({email: str(password_hashed)});
+    users.insert({"email": email, "password": str(password_hashed)});
 
 def check_password(email: str, password: str):
-    password_hashed = get_user_by_email(email).get(email)
+    password_hashed = get_user_by_email(email).get("password")
     password_hashed = bytes(password_hashed[2:-1], "utf-8")
     return (hasher.is_same(password, password_hashed))
 
+def change_user_password(email: str, password: str):
+    password_hashed = hasher.hash_text(password)
+    db.update({"password": password_hashed}, query.email == email)
+
 resets = db.table("resets")
+
+def get_email_by_reset_code(code: str):
+    user_lst = resets.search(query.code == code)
+    if (user_lst == []):
+        return (None)
+    return (user_lst[0])
+
+def reset_code_exist(code: str) -> bool:
+    return (get_email_by_reset_code(code) != None)
+
+def remove_reset_code_by_email(email: str):
+    resets.remove(query.email == email)
+
+def remove_reset_code_by_code(code: str):
+    resets.remove(query.code == code)
+
+def create_reset_code_by_email(email: str):
+    code = str(uuid.uuid4());
+    remove_reset_code_by_email(email);
+    resets.insert({"email": email, "code": code})
+    return (code)
diff --git a/flask_session/2029240f6d1128be89ddc32729463129 b/flask_session/2029240f6d1128be89ddc32729463129
index 8b04914a5e6ad4858df0019a6abe09326d3863de..60b84f8bf0af235343c89653c31a85c904ebfc66 100644
GIT binary patch
literal 9
QcmZQzU|?uq^=8lm00XQ5{{R30

literal 9
QcmZQzU|?uq^=8xq00XW800000

diff --git a/flask_session/320444fe8859cda10187fa078aaa3674 b/flask_session/320444fe8859cda10187fa078aaa3674
deleted file mode 100644
index e53970ba5221c845c713e7fbb8584a0cf5494709..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 49
zcmcER6-a4dovOqD0ku<lSW|NoGjpc&2q!1zX6EFiIwWT#mX@WK=oJ*@Pbt;|0AX|x
A6951J

diff --git a/mail.py b/mail.py
index 018f9ac..8e21ef2 100644
--- a/mail.py
+++ b/mail.py
@@ -1,6 +1,7 @@
 import ssl
 import smtplib
-from email.message import EmailMessage
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
 
 config = {
     "server": "ssl0.ovh.net",
@@ -11,11 +12,11 @@ config = {
 }
 
 def send_mail(mail_add:str, subject:str, mail_content:str):
-    email = EmailMessage()
+    email = MIMEMultipart()
     email['From'] = config["display_name"]
     email["To"] = mail_add;
     email["subject"] = subject;
-    email.set_content(mail_content);
+    email.attach(MIMEText(mail_content, "html"))
 
     context = ssl.create_default_context();
 
@@ -23,4 +24,3 @@ def send_mail(mail_add:str, subject:str, mail_content:str):
         smtp.login(config["email"], config["password"]);
         smtp.sendmail(config["email"], mail_add, email.as_string());
 
-send_mail("camille@chauvet.pro", "test", "text")
diff --git a/main.py b/main.py
index b1ceb49..040d22d 100644
--- a/main.py
+++ b/main.py
@@ -2,6 +2,7 @@ from flask import Flask, render_template, request, redirect, session
 from flask_session import Session
 import utils
 import database
+import mail
 
 app = Flask(__name__);
 app.config["SESSION_PERMANENT"] = False
@@ -12,7 +13,6 @@ Session(app)
 def home():
     return (render_template("home.html"));
 
-
 @app.route("/connected")
 def connected():
     if (not session.get("email")):
@@ -21,12 +21,12 @@ def connected():
 
 @app.route("/login")
 def login():
+    if (session.get("email")):
+        return (redirect("/connected"))
     return (render_template("login.html"));
 
 @app.route('/login', methods=['POST'])
 def login_post():
-    if (not session.get("email")):
-        return (redirect("/connected"))
     email = request.form.get('email')
     password = request.form.get('password')
     if (not database.user_exist(email)):
@@ -43,12 +43,12 @@ def logout():
 
 @app.route("/signin")
 def signin():
+    if (session.get("email")):
+        return (redirect("/connected"))
     return (render_template("signin.html"));
 
 @app.route('/signin', methods=['POST'])
-def signup_post():
-    if (not session.get("email")):
-        return (redirect("/connected"))
+def signin_post():
     email = request.form.get('email')
     password = request.form.get('password')
     repassword = request.form.get('repassword')
@@ -65,9 +65,35 @@ def signup_post():
 def forgot():
     return (render_template("forgot.html"));
 
+@app.route("/forgot", methods=["POST"])
+def forgot_post():
+    email = request.form.get('email')
+    if (not database.email_exist(email)):
+        return (render_template("forgot.html", error="Ce compte n'existe pas'"))
+    uuid = database.create_reset_code_by_email(email);
+    mail.send_mail(email, "Password recovery", render_template("mails/password_recovery.html", code=uuid))
+    return (redirect(f"/reset/{uuid}"))
+
 @app.route("/reset/<uuid>")
 def reset(uuid):
-    return ("bozo")
+    if (not database.reset_code_exist(uuid)):
+        return (render_template("error.html", error="code inconnu"))
+    email = database.get_email_by_reset_code(uuid)
+    email = email["email"]
+    return (render_template("reset.html", email=email))
+
+@app.route("/reset/<uuid>", methods=['POST'])
+def reset_post(uuid):
+    if (not database.reset_code_exist(uuid)):
+        return (render_template("error.html", error="code inconnu"))
+    email = database.get_email_by_reset_code(uuid)
+    password = request.form.get('password')
+    repassword = request.form.get('repassword')
+    if (password != repassword):
+        return (render_template("reset.html", error="Les deux mots de passe sont differents"))
+    database.change_user_password(email, password);
+    database.remove_reset_code_by_code(uuid);
+    return (redirect("/login"))
 
 @app.route("/join/<uuid>")
 def join(uuid):
diff --git a/templates/connected.html b/templates/connected.html
new file mode 100644
index 0000000..26e0556
--- /dev/null
+++ b/templates/connected.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="en">
+	<head>
+	    <meta charset="UTF-8">
+    	<title>PyMenu</title>
+	</head>
+	<body>
+	    <h1>connected</h1>
+	    <h2>Welcome to FlaskApp!</h2>
+		<a href="/logout">
+			<input type="button" value="logout">
+		</a>
+	</body>
+</html>
diff --git a/templates/error.html b/templates/error.html
new file mode 100644
index 0000000..3f1c7c7
--- /dev/null
+++ b/templates/error.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+	<head>
+	    <meta charset="UTF-8">
+    	<title>PyMenu</title>
+	</head>
+	<body>
+	    <h1>Error</h1>
+		{% if error %}
+		<h2>{{error}}</h2>
+		{% endif %}
+		<a href="/">
+			<input type="button" value="Revenir a l'acceuil">
+		</a>
+	</body>
+</html>
diff --git a/templates/forgot.html b/templates/forgot.html
new file mode 100644
index 0000000..2a49a8b
--- /dev/null
+++ b/templates/forgot.html
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="fr">
+    <head>
+        <meta charset="UTF-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <link rel="stylesheet" href="index.css" />
+        <title>Beyond School</title>
+    </head>
+    <body>
+        <div id="container">
+            <form method="post">
+                <h2>Mot de passe oublié ?</h2>
+                <label><b>Email :</b></label>
+                <input type="email" name="email" placeholder="Insérez votre email" required>
+                <br>
+				{% if error %}
+				<p>{{error}}</p>
+				{% endif %}
+                <input type="submit" value="Valider">
+				<a href="/login">
+					<input type="button" value="connection">
+            	</a>
+			</form>
+        </div>
+        <style>
+            body{
+                background: #67BE4B;
+            }
+            #container{
+                width:400px;
+                margin:0 auto;
+                margin-top:10%;
+            }
+            /* Bordered form */
+            form {
+                width:100%;
+                padding: 40px;
+                border: 1px solid #f1f1f1;
+                background: #fff;
+                box-shadow: 0 0 20px 0 rgba(0, 0, 0, 0.2), 0 5px 5px 0 rgba(0, 0, 0, 0.24);
+            }
+            #container h2{
+                width: 38%;
+                margin: 0 auto;
+                padding-bottom: 10px;
+                text-align: center;
+            }
+
+            /* Full-width inputs */
+            input[type=email], input[type=password], input[type=number] {
+                width: 100%;
+                padding: 12px 20px;
+                margin: 8px 0;
+                display: inline-block;
+                border: 1px solid #ccc;
+                box-sizing: border-box;
+            }
+
+            /* Set a style for all buttons */
+			input[type=submit], input[type=button] {
+                background-color: #53af57;
+                color: white;
+                padding: 14px 20px;
+                margin: 8px 0;
+                border: none;
+                cursor: pointer;
+                width: 100%;
+            }
+            input[type=submit]:hover {
+                background-color: white;
+                color: #53af57;
+                border: 1px solid #53af57;
+            }
+			h6 {
+				float: right;
+			}
+			p {
+				color: red;
+			}
+        </style>
+    </body>
+</html>
diff --git a/templates/mails/password_recovery.html b/templates/mails/password_recovery.html
new file mode 100644
index 0000000..ee73186
--- /dev/null
+++ b/templates/mails/password_recovery.html
@@ -0,0 +1,76 @@
+<!DOCTYPE html>
+<html lang="fr">
+    <head>
+        <meta charset="UTF-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <link rel="stylesheet" href="index.css" />
+        <title>Beyond School</title>
+    </head>
+    <body>
+        <div id="container">
+            <form method="post">
+                <h2>Mot de passe oublié ?</h2>
+				<a href="http://localhost:5000/reset/{{code}}">
+					<input type="button" value="connection">
+            	</a>
+			</form>
+        </div>
+        <style>
+            body{
+                background: #67BE4B;
+            }
+            #container{
+                width:400px;
+                margin:0 auto;
+                margin-top:10%;
+            }
+            /* Bordered form */
+            form {
+                width:100%;
+                padding: 40px;
+                border: 1px solid #f1f1f1;
+                background: #fff;
+                box-shadow: 0 0 20px 0 rgba(0, 0, 0, 0.2), 0 5px 5px 0 rgba(0, 0, 0, 0.24);
+            }
+            #container h2{
+                width: 38%;
+                margin: 0 auto;
+                padding-bottom: 10px;
+                text-align: center;
+            }
+
+            /* Full-width inputs */
+            input[type=email], input[type=password], input[type=number] {
+                width: 100%;
+                padding: 12px 20px;
+                margin: 8px 0;
+                display: inline-block;
+                border: 1px solid #ccc;
+                box-sizing: border-box;
+            }
+
+            /* Set a style for all buttons */
+			input[type=submit], input[type=button] {
+                background-color: #53af57;
+                color: white;
+                padding: 14px 20px;
+                margin: 8px 0;
+                border: none;
+                cursor: pointer;
+                width: 100%;
+            }
+            input[type=submit]:hover {
+                background-color: white;
+                color: #53af57;
+                border: 1px solid #53af57;
+            }
+			h6 {
+				float: right;
+			}
+			p {
+				color: red;
+			}
+        </style>
+    </body>
+</html>
diff --git a/templates/reset.html b/templates/reset.html
new file mode 100644
index 0000000..a7c4fef
--- /dev/null
+++ b/templates/reset.html
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html lang="fr">
+    <head>
+        <meta charset="UTF-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <link rel="stylesheet" href="index.css" />
+        <title>Beyond School</title>
+    </head>
+    <body>
+        <div id="container">
+            <form name="signin" method="post">
+                <h2>Connection</h2>
+                <label><b>Email :</b></label>
+				<input type="email" name="email" placeholder={{email}} disabled=true>
+                <br>
+                <label><b>Mot de passe :</b></label>
+                <input type="password" name="password" placeholder="Insérez votre mot de passe" required>
+                <br>
+                <label><b>Mot de passe :</b></label>
+                <input type="password" name="repassword" placeholder="Insérez votre mot de passe" required>
+				<br>
+                <input type="submit" value="Changer de mot de passe">
+			</form>
+        </div>
+        <style>
+            body{
+                background: #67BE4B;
+            }
+            #container{
+                width:400px;
+                margin:0 auto;
+                margin-top:10%;
+            }
+            /* Bordered form */
+            form {
+                width:100%;
+                padding: 40px;
+                border: 1px solid #f1f1f1;
+                background: #fff;
+                box-shadow: 0 0 20px 0 rgba(0, 0, 0, 0.2), 0 5px 5px 0 rgba(0, 0, 0, 0.24);
+            }
+            #container h2{
+                width: 38%;
+                margin: 0 auto;
+                padding-bottom: 10px;
+                text-align: center;
+            }
+
+            /* Full-width inputs */
+            input[type=email], input[type=password], input[type=number] {
+                width: 100%;
+                padding: 12px 20px;
+                margin: 8px 0;
+                display: inline-block;
+                border: 1px solid #ccc;
+                box-sizing: border-box;
+            }
+
+            /* Set a style for all buttons */
+			input[type=submit], input[type=button] {
+                background-color: #53af57;
+                color: white;
+                padding: 14px 20px;
+                margin: 8px 0;
+                border: none;
+                cursor: pointer;
+                width: 100%;
+            }
+            input[type=submit]:hover {
+                background-color: white;
+                color: #53af57;
+                border: 1px solid #53af57;
+            }
+			h6 {
+				float: right;
+			}
+			p {
+				color: red
+			}
+        </style>
+    </body>
+</html>