def post(self):
email = request.form.get("email", None)
if email is None:
abort(400, message="email is required")
if not Validate().email(email):
abort(400, message="invalid email address")
try:
account = ModelAccount.get(ModelAccount.email == email)
except peewee.DoesNotExist:
abort(400, message="email does not exist")
# create token
now = round(time.time())
token = ModelToken()
token.account_id = account.account_id
token.token_value = token.generateToken()
token.date_created = now
token.save()
# cleanup old tokens
oldtokens = ModelToken.delete().where(
ModelToken.date_created < now - ModelToken.EXPIRE_IN
)
oldtokens.execute()
# prep email data
name = account.first_name + " " + account.last_name
url = config.get(
'ui_server', 'ui_url'
) + "#passwordReset?token=" + token.token_value
data = {
'name': name,
'url': url,
}
body = vegadns.api.email.parseTemplate('password_reset_request', data)
to = account.email
subject = "VegaDNS Password Reset Request"
# send email
common = vegadns.api.email.common.Common()
vegadns.api.email.send(to, subject, body)
return {'status': 'ok'}
def fetchToken(self, token):
if token is None:
abort(400, message="token is required")
expired = round(time.time()) - ModelToken.EXPIRE_IN
try:
storedToken = ModelToken.get(
ModelToken.token_value == token,
ModelToken.date_created > expired
)
except peewee.DoesNotExist:
abort(404, message="token does not exist")
return storedToken
