Esempio n. 1
def send_confirm_email(email):
    """Email a confirmation token to the account registered under *email*.

    The user's id is serialized with ``token_serializer`` and sent as the
    plain-text body of a message titled "Confirm your email address".

    Raises:
        falcon.HTTPNotFound: no user row matches the email address.
    """
    try:
        account = User.get(User.email == email)
    except User.DoesNotExist:
        # NOTE(review): a distinct 404 tells the caller whether an address
        # is registered. If this is reachable without authentication,
        # consider a uniform response and rate limiting on the endpoint.
        raise falcon.HTTPNotFound(description='The user does not exist.')

    # NOTE(review): token_serializer is defined outside this listing.
    # Confirm it signs the payload and that the consuming side enforces a
    # maximum age, so an old confirmation mail cannot be used indefinitely.
    mail = MIMEText(token_serializer.dumps(account.id), 'plain')
    mail['Subject'] = 'Confirm your email address'

    send_message(email, mail)
Esempio n. 2
def send_reset_email(email):
    """Email a password-reset token to the account registered under *email*.

    The token is ``token_serializer.dumps`` applied to the pair
    ``(user.id, str(user.reset_key))`` and is sent as the plain-text body
    of a message titled "Reset your password".

    Raises:
        falcon.HTTPNotFound: no user row matches the email address.
    """
    try:
        account = User.get(User.email == email)
    except User.DoesNotExist:
        # NOTE(review): a reset endpoint that answers 404 for unknown
        # addresses reveals which emails have accounts. Consider returning
        # the same response either way and throttling requests.
        raise falcon.HTTPNotFound(description='The user does not exist.')

    # NOTE(review): token_serializer is defined outside this listing. If it
    # only signs (does not encrypt), reset_key is readable by anyone who
    # sees the mail; confirm the key is rotated once a reset completes and
    # that the consuming side enforces a short maximum token age.
    payload = (account.id, str(account.reset_key))
    mail = MIMEText(token_serializer.dumps(payload), 'plain')
    mail['Subject'] = 'Reset your password'

    send_message(email, mail)
Esempio n. 3
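def authenticate(email, password):
    """Verify a user's credentials and issue a 24-hour HS256 JWT.

    Args:
        email: address used to look up the user.
        password: plaintext password; it is encoded and checked against
            the stored bcrypt hash in ``user.hash``.

    Returns:
        A ``(safe_user, token)`` tuple: the user converted to a dict with
        the ``hash`` field excluded, and the value returned by
        ``jwt.encode`` for the claims ``exp``, ``iat`` and ``user_id``.

    Raises:
        falcon.HTTPNotFound: no user row matches the email address.
        falcon.HTTPBadRequest: the user's ``confirmed_at`` is None.
        falcon.HTTPUnauthorized: the password does not match the hash.
    """
    try:
        user = User.get(User.email == email)
    except User.DoesNotExist:
        # NOTE(review): the three failure paths return different status
        # codes and messages, and this one skips the bcrypt work, so both
        # the response and its timing disclose whether an account exists.
        # Consider one generic HTTPUnauthorized for all login failures.
        raise falcon.HTTPNotFound(description='The user does not exist.')

    # NOTE(review): this check runs before the password check, so the
    # "not confirmed" state is reported without valid credentials.
    if user.confirmed_at is None:
        raise falcon.HTTPBadRequest(
            description='The user has not been confirmed.')

    if not bcrypt.checkpw(password.encode(), user.hash):
        raise falcon.HTTPUnauthorized(
            description='The user could not be authenticated.')

    # Read the clock once so that exp is exactly iat plus the lifetime;
    # two separate time.time() calls made the two claims drift apart.
    issued_at = time.time()
    lifetime_seconds = 60 * 60 * 24
    claims = {
        'exp': issued_at + lifetime_seconds,
        'iat': issued_at,
        'user_id': user.id
    }

    safe_user = model_to_dict(user, recurse=False, exclude=[User.hash])
    # FIXME(security): the HS256 key is the hard-coded literal 'secret'.
    # Anyone who can read this source can mint tokens for any user_id.
    # Load a long random key from configuration or a secret store and
    # change the verifying code in the same release; the literal is kept
    # here only so existing verification keeps working.
    return (safe_user, jwt.encode(claims, 'secret', algorithm='HS256'))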