def put(self):
    """Reset a user's password with a reset token that was sent to them.

    Reads ``token``, ``password`` and ``password2`` from the PUT arguments,
    resolves the token through ``auth_tokens_store`` (key ``reset-<token>``
    maps to the user's e-mail), checks the new password against its
    confirmation, encodes it with ``auth.encrypt_password`` and stores it
    for that e-mail. The reset key is deleted only after the update
    succeeded, so the token is single-use but a rejected attempt can be
    retried with the same token.

    Returns ``{"success": True}`` on success. Every failure answers with an
    error body and HTTP 400: unknown or expired token, confirmation
    mismatch, too-short password, or inactive user.
    """
    args = self.get_put_arguments()
    store_key = "reset-%s" % args["token"]
    try:
        email = auth_tokens_store.get(store_key)
        if not email:
            # Unknown, expired or already-consumed token.
            return {"error": True, "message": "Wrong or expired token."}, 400
        auth.validate_password(args["password"], args["password2"])
        encoded = auth.encrypt_password(args["password"])
        persons_service.update_password(email, encoded)
        # Consume the token only once the password is really updated.
        auth_tokens_store.delete(store_key)
        return {"success": True}
    except auth.PasswordsNoMatchException:
        return (
            {"error": True, "message": "Confirmation password doesn't match."},
            400,
        )
    except auth.PasswordTooShortException:
        return {"error": True, "message": "Password is too short."}, 400
    except UnactiveUserException:
        return {"error": True, "message": "User is unactive."}, 400
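def clean_auth_tokens():
    """Remove revoked or expired token records from the key-value store.

    Each entry of ``auth_tokens_store`` is expected to be a JSON object of
    the shape ``{"revoked": bool, "token": {"exp": <seconds since epoch>}}``.
    An entry is deleted when it is flagged revoked or when ``exp`` lies in
    the past. Entries that do not have this shape are skipped instead of
    aborting the whole sweep: the password-reset handler in this module
    stores a bare e-mail string under ``reset-<token>`` keys in the same
    store, and such a value is not JSON.

    Returns:
        None. The number of deleted entries is not reported.
    """
    # Compare in UTC so the outcome does not depend on the host timezone or
    # on a DST transition; ``exp`` is an epoch timestamp, which is UTC by
    # definition.
    now = datetime.datetime.now(datetime.timezone.utc)
    # Snapshot the key list: deleting while iterating a live key view is
    # backend-dependent behaviour.
    for key in list(auth_tokens_store.keys()):
        raw = auth_tokens_store.get(key)
        try:
            value = json.loads(raw)
            # ``revoked`` is a JSON boolean; bool() keeps the original
            # ``== True`` outcome for that type.
            is_revoked = bool(value["revoked"])
            expiration = datetime.datetime.fromtimestamp(
                value["token"]["exp"], tz=datetime.timezone.utc
            )
        except (TypeError, ValueError, KeyError):
            # Not a token record (e.g. a reset-<token> e-mail entry, or a
            # value that disappeared between keys() and get()); leave it.
            continue
        if is_revoked or expiration < now:
            auth_tokens_store.delete(key)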
def put(self):
    """
    Resource allowing a user to reset a forgotten password.
    ---
    description: "It uses a classic scheme: a token is sent by email to the user. Then he can change his password."
    tags:
      - Authentification
    parameters:
      - in: body
        name: Credentials
        description: The token, new password and confirmation password of the user
        schema:
            type: object
            required:
              - token
              - password
              - password_2
            properties:
                token:
                    type: UUID
                password:
                    type: string
                password_2:
                    type: string
    responses:
        200:
            description: Password reset
        400:
            description: Invalid password
                         Wrong or expired token
                         Inactive user
    """
    # NOTE(review): the OpenAPI block above declares the confirmation field
    # as "password_2" while the code reads args["password2"]; confirm which
    # name get_put_arguments actually exposes and align the two.

    def failure(message):
        # Every error path answers the same way: an error body and HTTP 400.
        return {"error": True, "message": message}, 400

    args = self.get_put_arguments()
    token_key = "reset-%s" % args["token"]
    try:
        email = auth_tokens_store.get(token_key)
        if email:
            # Check the new password against its confirmation before any
            # state changes; on rejection the token stays valid for a retry.
            auth.validate_password(args["password"], args["password2"])
            encoded = auth.encrypt_password(args["password"])
            persons_service.update_password(email, encoded)
            # Single use: the reset key is dropped once the update succeeded.
            auth_tokens_store.delete(token_key)
            return {"success": True}
        return failure("Wrong or expired token.")
    except auth.PasswordsNoMatchException:
        return failure("Confirmation password doesn't match.")
    except auth.PasswordTooShortException:
        return failure("Password is too short.")
    except UnactiveUserException:
        return failure("User is inactive.")