def r_reset_password(token):
args_rules = [
Rules.TOKEN.value
]
try:
ji.Check.previewing(args_rules, {'token': token})
token = Utils.verify_token(token, audience='r_reset_password')
user = User()
user.id = token['uid']
user.get()
args_rules = [
Rules.PASSWORD.value
]
user.password = request.json.get('password')
ji.Check.previewing(args_rules, user.__dict__)
user.password = ji.Security.ji_pbkdf2(user.password)
user.update()
except (ji.PreviewingError, ji.JITError), e:
return json.loads(e.message)
def r_before_request():
try:
g.ts = ji.Common.ts()
if not is_not_need_to_auth(request.endpoint) and request.blueprint is not None and request.method != 'OPTIONS':
g.config = Config()
g.config.id = 1
g.config.get()
token = session.get('token', '')
g.token = Utils.verify_token(token)
user = User()
user.id = g.token['uid']
try:
user.get()
except ji.PreviewingError, e:
# 如果该用户获取失败,则清除该用户对应的session。因为该用户可能已经被删除。
for key in session.keys():
session.pop(key=key)
return json.loads(e.message)
except ji.JITError, e:
ret = json.loads(e.message)
if ret['state']['code'] == '404':
return redirect(location=url_for('v_config.create'), Response=Response)
if ret['state']['sub']['code'] in ['41208']:
return redirect(location=url_for('v_misc.login'), Response=Response)
return ret
