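def post(self):
    """Handle submission of the password-reset form.

    Reads the ``token`` request parameter, expected in the form
    ``"<user_id>,<recovery_token>"``, and re-validates it against the stored
    user. A valid token plus two matching, non-empty password fields sets the
    new password and redirects to ``/?message=passwordreset``. A malformed or
    invalid token redirects to ``/``. A missing or mismatched password
    re-renders ``reset_password.html`` with an error message.
    """
    token = self.request.get("token")
    try:
        user_id, recovery_token = token.split(",")
    except (ValueError, AttributeError):
        # ValueError: the token does not hold exactly two comma-separated
        # parts. AttributeError: the token is not a string (e.g. None).
        # Anything else is unexpected and should surface, not be swallowed.
        return self.redirect("/")

    user = User.getById(user_id)
    # NOTE(review): the expected token is the microsecond field of
    # user.created (strftime("%f") -> six digits). It is not random, has at
    # most 1,000,000 values, never expires and stays valid after use, so it
    # gives little protection against guessing. Replace it with a
    # CSPRNG-generated, single-use, expiring token stored server-side and
    # compared in constant time. No attempt limiting is visible in this
    # handler either; confirm it exists elsewhere.
    expected_token = "%s" % user.created.strftime("%f") if user else None
    if not user or recovery_token != expected_token:
        return self.redirect("/")

    # TODO: Validate password (6 chars etc.)
    new_password = self.request.get("password")
    new_password_repeat = self.request.get("password_repeat")

    if not new_password:
        return self.render("reset_password.html", token=token,
                           message_text=getMessage("regpasserror"))

    if new_password != new_password_repeat:
        return self.render("reset_password.html", token=token,
                           message_text=getMessage("regpassrepeaterror"))

    SetUserPassword(user, new_password)
    return self.redirect("/?message=passwordreset")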
def Authenticate(request):
    """Return the active user identified by the request's ``name`` cookie.

    The cookie value is passed to ``hashes.check_secure_val``; a truthy result
    is used as the user id for ``User.getById``. Returns the user only when
    one is found and its ``active`` attribute is truthy, otherwise ``None``.
    """
    # NOTE(review): presumably check_secure_val verifies a signature/MAC on
    # the cookie and returns the embedded id -- confirm in the hashes module.
    cookie_value = request.cookies.get('name')
    uid = hashes.check_secure_val(cookie_value)
    if not uid:
        return None

    account = User.getById(uid)
    if account and account.active:
        return account
    return None
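def get(self):
    """Show the password-reset form for a valid recovery token.

    Reads the ``token`` request parameter, expected in the form
    ``"<user_id>,<recovery_token>"``. A malformed token, an unknown user or a
    non-matching recovery token redirects to ``/``. Otherwise
    ``reset_password.html`` is rendered with the token passed through.
    """
    token = self.request.get("token")
    try:
        user_id, recovery_token = token.split(",")
    except (ValueError, AttributeError):
        # ValueError: the token does not hold exactly two comma-separated
        # parts. AttributeError: the token is not a string (e.g. None).
        # Anything else is unexpected and should surface, not be swallowed.
        return self.redirect("/")

    user = User.getById(user_id)
    # NOTE(review): the expected token is the microsecond field of
    # user.created (strftime("%f") -> six digits): not random, at most
    # 1,000,000 values, never expiring. It should be replaced by a
    # CSPRNG-generated, single-use, expiring token stored server-side.
    # The token presumably arrives in the query string here, so it may also
    # end up in logs and Referer headers -- confirm.
    expected_token = "%s" % user.created.strftime("%f") if user else None
    if not user or recovery_token != expected_token:
        return self.redirect("/")

    return self.render("reset_password.html", token=token)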