def _process(self): if 'token' in request.args: identity_id = secure_serializer.loads(request.args['token'], max_age=3600, salt='reset-password') identity = Identity.get(identity_id) if not identity: raise BadData('Identity does not exist') return self._reset_password(identity) else: return self._request_token()