def process(self):
newpassword = request.form['newpassword']
password_reset = request.referrer.split('?key=')[1]
logging.info(
f"用户要把密码更新为{len(newpassword)}长度的一个新密码,reset_key是{password_reset}")
# 判断newpassword是否为空或者小于3字节
if len(str(newpassword)) < 3:
logging.warning(f"用户更新密码失败,密码太短")
return make_response(
render_template('error.html', flag="too_short"), 200)
# #判断password_reset是否还有效,如有效则取出来user_id
user = UserService.get_user_by_pwreset(password_reset)
if not user or (int(time.time()) - user.password_reset_timestamp >
24 * 3600): #密码重置链接已经超过24小时
logging.warning(f"用户更新密码失败,找不到用户,或者密码重置链接已经超过24小时")
return make_response(render_template('error.html', flag="invalid"),
200)
update_data = {"password_reset": '', "password_reset_timestamp": 0}
UserService.modify_user_by_id(user.id, update_data)
UserService.user_pwdreset_submit(user_id=user.id,
newpassword=newpassword)
db.session.commit()
logging.info(f"{user.id}用户更新密码成功")
return make_response(
render_template('resetpassword.html', flag="success"), 200)
def process(self):
password_reset = request.args.get('key', type=str)
if not password_reset:
return make_response(render_template('error.html'), 200)
#判断password_reset是否还有效,如有效则取出来user_id
user = UserService.get_user_by_pwreset(password_reset)
website_proxy = SettingService.get_setting_by_name('api_gateway_0')
if website_proxy:
url = website_proxy.value
if url[-1:] != '/':
url += '/'
url = url + "app/passwordreset"
else:
logging.error(
"ERROR: can not get website_proxy on appPasswordresetView")
return make_response(render_template('error.html', flag="busy"),
200)
#for debug
# url = "http://127.0.0.1:8080/app/passwordreset"
if not user or (int(time.time()) - user.password_reset_timestamp >
24 * 3600): #密码重置链接已经超过24小时
return make_response(render_template('error.html', flag="invalid"),
200)
return make_response(
render_template('resetpassword.html',
email=user.email,
passwordreset_url=url), 200)