Esempio n. 1
    def post(self):
        """Set a new password for the account tied to a reset token.

        Reads 'token' and 'password' from ``self.data`` and passes both to
        ``User.set_new_password``.

        Returns:
            ``{'msg': 'password_updated'}`` when ``set_new_password`` reports
            success.

        Raises:
            PyError: with ``{'msg': 'invalid_token'}`` when
                ``set_new_password`` returns a falsy value.
        """
        # NOTE(review): token age, single use and password strength are not
        # checked in this handler; presumably User.set_new_password or the
        # request validation layer enforces them - confirm.
        if User.set_new_password(self.data['token'], self.data['password']):
            return {'msg': 'password_updated'}

        raise PyError({'msg': 'invalid_token'})
Esempio n. 2
File: api.py Progetto: kgov1/pytaku
    def post(self):
        """Complete a password reset using the token the client submitted.

        ``self.data['token']`` and ``self.data['password']`` are forwarded to
        ``User.set_new_password``; its truthiness decides the outcome.

        Returns:
            ``{'msg': 'password_updated'}`` on success.

        Raises:
            PyError: ``{'msg': 'invalid_token'}`` when the update is refused.
        """
        # NOTE(review): whether a reset token can be replayed or ever expires
        # cannot be told from here - verify in User.set_new_password.
        updated = User.set_new_password(self.data['token'],
                                        self.data['password'])
        if updated:
            return {'msg': 'password_updated'}

        raise PyError({'msg': 'invalid_token'})
Esempio n. 3
    def post(self):
        """Authenticate with email and password and hand back an access token.

        Reads 'email', 'password' and 'remember' from ``self.data``.

        Returns:
            ``{'token': ...}`` built by ``create_token`` for the
            authenticated user.

        Raises:
            APIError: ``{'msg': 'invalid_password'}`` whenever
                ``User.auth_with_password`` returns a falsy value. The same
                message is used for every failure, so the response does not
                say whether the email exists.
        """
        account = User.auth_with_password(self.data['email'],
                                          self.data['password'])
        # "remember me" is the inverse of "this token expires".
        # NOTE(review): with remember set the token is created with
        # expires=False; presumably that means no age limit at all - confirm
        # that such tokens can still be revoked.
        token_expires = not self.data['remember']

        if not account:
            raise APIError({'msg': 'invalid_password'})

        return {
            'token': create_token(account, expires=token_expires),
        }
Esempio n. 4
    def post(self):
        """Log a user in and return an access token plus their settings.

        Reads 'email', 'password' and 'remember' from ``self.data``.

        Returns:
            A dict with 'token' (from ``gen_token``) and 'settings'
            (``user.settings``).

        Raises:
            PyError: ``{'msg': 'invalid_password'}`` when
                ``User.auth_with_password`` returns a falsy value; the
                message is the same whatever the reason for the failure.
        """
        account = User.auth_with_password(self.data['email'],
                                          self.data['password'])
        # A "remember me" login asks for a token that is not marked as
        # expiring; everything else gets an expiring one.
        token_expires = not self.data['remember']

        # NOTE(review): no attempt throttling or lockout is visible in this
        # handler - confirm it is applied elsewhere.
        if not account:
            raise PyError({'msg': 'invalid_password'})

        return {
            'token': gen_token(account, expires=token_expires),
            'settings': account.settings,
        }
Esempio n. 5
File: api.py Progetto: kgov1/pytaku
    def post(self):
        """Exchange email/password credentials for a token and user settings.

        Inputs come from ``self.data``: 'email', 'password' and the
        'remember' flag.

        Returns:
            ``{'token': ..., 'settings': ...}`` for the authenticated user.

        Raises:
            PyError: ``{'msg': 'invalid_password'}`` if authentication does
                not yield a user. One message covers every failure, so the
                reply does not reveal whether the email is registered.
        """
        login_email = self.data['email']
        login_password = self.data['password']
        account = User.auth_with_password(login_email, login_password)
        # remember=True -> expires=False.
        # NOTE(review): presumably a non-expiring token stays valid until the
        # password changes - confirm against the token validation code.
        token_expires = not self.data['remember']

        if account:
            response = {
                'token': gen_token(account, expires=token_expires),
                'settings': account.settings,
            }
            return response

        raise PyError({'msg': 'invalid_password'})
Esempio n. 6
    def post(self):
        """Email a password-reset link to the address in ``self.data['email']``.

        Asks ``User.generate_reset_password_token`` for a token, builds the
        sender, subject and link from the application id, and sends the
        message with ``mail.send_mail``.

        Returns:
            ``{'msg': 'reset_link_sent'}`` once the mail call has returned.

        Raises:
            PyError: ``{'msg': 'email_not_found'}`` when no token is
                generated for the address.
        """
        recipient = self.data['email']
        reset_token = User.generate_reset_password_token(recipient)
        # NOTE(review): this distinct error tells an unauthenticated caller
        # whether an address is registered. Returning the same response in
        # both cases, together with rate limiting, would close that signal;
        # it changes the API contract, so it is flagged rather than changed.
        if reset_token is None:
            raise PyError({'msg': 'email_not_found'})

        # Sender, subject and link host all derive from the application id,
        # not from anything in the request.
        app_id = get_application_id()
        template = """
A password reset has been requested for your account. If you did not request
it, simply ignore this email, otherwise visit this link to reset your password:

https://%s.appspot.com/reset-password/%s
        """
        mail.send_mail(
            'noreply@%s.appspotmail.com' % app_id,
            recipient,
            '%s password reset' % app_id.capitalize(),
            template % (app_id, reset_token),
        )
        return {'msg': 'reset_link_sent'}
Esempio n. 7
File: api.py Progetto: kgov1/pytaku
    def post(self):
        """Start a password reset by mailing a one-link message to the user.

        The address is read from ``self.data['email']``; the token comes from
        ``User.generate_reset_password_token`` and is embedded in the link.

        Returns:
            ``{'msg': 'reset_link_sent'}`` after ``mail.send_mail`` returns.

        Raises:
            PyError: ``{'msg': 'email_not_found'}`` when the token generator
                returns None.
        """
        address = self.data['email']
        reset_token = User.generate_reset_password_token(address)
        if reset_token is None:
            # NOTE(review): answering differently for unknown addresses lets
            # a caller enumerate accounts; a uniform reply plus throttling is
            # the usual mitigation. Left as is because clients may depend on
            # this message.
            raise PyError({'msg': 'email_not_found'})

        # NOTE(review): the token travels in the URL path, so it can end up
        # in browser history and server logs; presumably it is short-lived
        # and single-use - confirm in User.
        app_id = get_application_id()
        from_address = 'noreply@%s.appspotmail.com' % app_id
        subject_line = '%s password reset' % app_id.capitalize()
        message_body = """
A password reset has been requested for your account. If you did not request
it, simply ignore this email, otherwise visit this link to reset your password:

https://%s.appspot.com/reset-password/%s
        """ % (app_id, reset_token)
        mail.send_mail(from_address, address, subject_line, message_body)
        return {'msg': 'reset_link_sent'}
Esempio n. 8
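def validate_token(message, max_days=None):
    """Check a signed access token and return the user it belongs to.

    Args:
        message: Serialized token, in whatever form ``_signer.loads`` accepts.
        max_days: Maximum token age in whole days. It is applied only to
            tokens that carry a 'created_at' field. When it is None no
            lifetime has been configured and such tokens are rejected as
            expired.

    Returns:
        A ``(user, error)`` pair: ``(user, None)`` on success, otherwise
        ``(None, 'invalid_access_token')`` or
        ``(None, 'expired_access_token')``.
    """
    try:
        data = _signer.loads(message)
    except BadSignature:
        return None, 'invalid_access_token'

    # Tokens without creation time don't expire over time
    if 'created_at' in data:
        token_created_at = datetime.strptime(data['created_at'], _datetimefmt)
        # Fail closed when no limit was supplied. Comparing an int with None
        # made every such token count as expired on Python 2 and raises
        # TypeError on Python 3; the explicit check keeps the rejecting
        # behaviour without the crash.
        if max_days is None:
            return None, 'expired_access_token'
        # timedelta.days is floored to whole days, so a token is accepted
        # until it is more than max_days full days old.
        if (datetime.now() - token_created_at).days > max_days:
            return None, 'expired_access_token'

    user = User.get_by_id(data['id'])
    if user is None:
        return None, 'invalid_access_token'

    # All existing tokens expire when user password has been changed
    # NOTE(review): the token payload appears to carry the password hash
    # itself. If _signer signs but does not encrypt, any token holder can
    # read that hash - confirm, and consider a per-user token version or
    # random nonce instead.
    if user.password_hash != data['hash']:
        return None, 'expired_access_token'

    return user, None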
Esempio n. 9
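def validate_token(message, max_days=None):
    """Verify an access token's signature, age and binding to the user.

    Args:
        message: The serialized token passed to ``_signer.loads``.
        max_days: Age limit in whole days for tokens that include
            'created_at'. None means no limit was configured; timestamped
            tokens are then treated as expired instead of being compared
            against None.

    Returns:
        ``(user, None)`` when the token is accepted, else ``(None, reason)``
        where reason is 'invalid_access_token' or 'expired_access_token'.
    """
    try:
        data = _signer.loads(message)
    except BadSignature:
        return None, 'invalid_access_token'

    # Tokens without creation time don't expire over time
    if 'created_at' in data:
        token_created_at = datetime.strptime(data['created_at'], _datetimefmt)
        if max_days is None:
            # An int-vs-None comparison is always true on Python 2 and a
            # TypeError on Python 3. Rejecting explicitly keeps the
            # fail-closed result on both.
            return None, 'expired_access_token'
        # .days drops the fractional part, so expiry takes effect only once
        # the age exceeds max_days complete days.
        age_in_days = (datetime.now() - token_created_at).days
        if age_in_days > max_days:
            return None, 'expired_access_token'

    user = User.get_by_id(data['id'])
    if user is None:
        return None, 'invalid_access_token'

    # All existing tokens expire when user password has been changed
    # NOTE(review): this check implies the password hash is stored inside
    # the token. A signed-only payload would be readable by the client -
    # verify what _signer does, and prefer a value that is not the
    # credential hash.
    if user.password_hash != data['hash']:
        return None, 'expired_access_token'

    return user, None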