Esempio n. 1
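    def post(self, request, token=None):
        """Reset the password of the user identified by a reset token.

        Reads ``new_password`` from ``request.data``. The password is stored
        only when ``check_token`` yields a user and ``password_enforce_format``
        reports no problem; a confirmation notification is sent afterwards.

        Args:
            request: incoming request; ``request.data`` is read for
                ``new_password``.
            token: reset token handed to ``check_token``.

        Returns:
            A ``Response`` wrapping a dict with ``status`` and ``message``,
            plus ``error_code`` on failure (``new_password_required``,
            ``invalid_token`` or ``invalid_password_format``).
        """
        # NOTE(review): whether check_token invalidates the token after a
        # successful reset is not visible here; confirm a used token cannot be
        # replayed.
        user = check_token(token)
        password = request.data.get('new_password', '')
        if not password:
            return Response(
                    dict(status="error", error_code="new_password_required",
                         message="You haven't provided a new password."))

        if not user:
            return Response(
                    dict(status="error", error_code="invalid_token",
                         message="The token you provided is invalid or has expired."))

        # A truthy result is the rejection message that is returned to the client.
        pass_check = password_enforce_format(password)
        if pass_check:
            # Reject without touching the account. The previous code stored the
            # rejected password in this branch and never stored an accepted
            # one, so the format policy was bypassed.
            return Response(
                    dict(status="error", error_code="invalid_password_format",
                         message=pass_check))

        # Only a password that passed the format check is persisted.
        user.set_password(password)
        user.save()

        # NOTE(review): the new password is placed in the notification context
        # in clear text. If the template renders it, the credential ends up in
        # the recipient's mailbox and in any mail logs; confirm the template
        # needs this key and drop it if not.
        package = dict(
                caller='jwt_auth',
                notification_type='RESET_PASSWORD_CONFIRMATION',
                recipients=[user.email, ],
                context=dict(
                        username=user.username,
                        password=password
                )
        )
        notify = Notification(**package)
        notify.send()
        return Response(dict(status="success", message="Password has been successfully reset"))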
Esempio n. 2
 def test_new_token(self):
     """A token issued for the test user must resolve back to that same user."""
     expected_user = self.test_user
     issued = new_token(expected_user)
     resolved = check_token(issued)
     self.assertEqual(resolved, expected_user)