Ejemplo n.º 1
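    def process(self):
        """Handle a password-reset submission.

        Reads the new password from the submitted form and the reset key from
        the ``?key=`` part of the Referer header, validates both, then clears
        the stored reset key, stores the new password and commits.

        Returns:
            The response built by ``make_response``; every branch answers with
            HTTP 200 and tells the template what happened through ``flag``
            ("too_short", "invalid" or "success").
        """
        newpassword = request.form['newpassword']

        # The reset key comes from the Referer header. That header is supplied
        # by the client and may be absent or stripped, so a missing header or
        # a missing "?key=" marker is treated as an invalid key instead of
        # raising AttributeError / IndexError.
        referrer_parts = (request.referrer or '').split('?key=')
        password_reset = referrer_parts[1] if len(referrer_parts) > 1 else ''

        # The reset key is a bearer credential that stays usable for 24 hours,
        # so it is deliberately kept out of the log; only the length of the
        # new password is recorded.
        logging.info(f"用户要把密码更新为{len(newpassword)}长度的一个新密码")

        # Reject a new password shorter than 3 characters.
        # NOTE(review): a 3-character minimum is a very weak policy; confirm
        # whether a stronger rule is enforced elsewhere.
        if len(str(newpassword)) < 3:
            logging.warning(f"用户更新密码失败,密码太短")
            return make_response(
                render_template('error.html', flag="too_short"), 200)

        # Resolve the user that owns the reset key. A consumed key is stored
        # as '' (see update_data below), so an empty key must never reach the
        # lookup, where it could match accounts with no pending reset.
        user = (UserService.get_user_by_pwreset(password_reset)
                if password_reset else None)
        # The reset link expires 24 hours after its timestamp.
        if not user or (int(time.time()) - user.password_reset_timestamp >
                        24 * 3600):
            logging.warning(f"用户更新密码失败,找不到用户,或者密码重置链接已经超过24小时")
            return make_response(render_template('error.html', flag="invalid"),
                                 200)

        # Invalidate the key before storing the new password so the link is
        # single-use; both changes go out in the same commit.
        update_data = {"password_reset": '', "password_reset_timestamp": 0}
        UserService.modify_user_by_id(user.id, update_data)
        UserService.user_pwdreset_submit(user_id=user.id,
                                         newpassword=newpassword)
        db.session.commit()

        logging.info(f"{user.id}用户更新密码成功")
        return make_response(
            render_template('resetpassword.html', flag="success"), 200)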
Ejemplo n.º 2
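 def process(self):
     """Set a new password for the user named in a signed reset token.

     Reads ``reset_token`` and ``newpassword`` from the request body, checks
     the token's signature with the application secret, requires its
     ``action`` claim to be ``resetpassword`` and its ``user_id`` claim to
     name an existing user, then stores the new password and commits.

     Returns:
         ``({"code": 4004, "message": ...}, 401)`` when the token is rejected,
         the user is unknown, or anything raises while processing. No return
         statement for the success path is visible in this listing.
     """
     body = self.parameters.get('body')
     # The body carries the reset token and the new password in clear text,
     # so it is deliberately not printed or logged.
     reset_token = body['reset_token']
     newpassword = body['newpassword']

     def rejected():
         # One generic answer for every failure, so the response does not
         # reveal which check failed.
         return {
             "code": 4004,
             "message": returncode['4004'],
         }, 401

     try:
         # NOTE(review): no `algorithms=` allow-list is passed to jwt.decode.
         # PyJWT 2.x refuses to decode without one (which this handler would
         # turn into a 401 for every request), and older releases accept any
         # supported algorithm. Pin the list to the algorithm the token issuer
         # signs with - not visible from here, confirm before changing.
         # NOTE(review): nothing here marks the token as used; whether it is
         # short-lived depends on the issuer setting an `exp` claim - confirm.
         data = jwt.decode(reset_token, config.settings.SECRET_KEY)
         if data.get('action') != 'resetpassword':
             return rejected()
         if UserService.get_user(data['user_id']):
             UserService.user_pwdreset_submit(data['user_id'], newpassword)
             db.session.commit()
         else:
             return rejected()
     except Exception:
         # Was a bare `except:`, which also swallowed SystemExit and
         # KeyboardInterrupt. Token errors, missing claims and database
         # failures still all map to the same 401.
         return rejected()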