def process(self): newpassword = request.form['newpassword'] password_reset = request.referrer.split('?key=')[1] logging.info( f"用户要把密码更新为{len(newpassword)}长度的一个新密码,reset_key是{password_reset}") # 判断newpassword是否为空或者小于3字节 if len(str(newpassword)) < 3: logging.warning(f"用户更新密码失败,密码太短") return make_response( render_template('error.html', flag="too_short"), 200) # #判断password_reset是否还有效,如有效则取出来user_id user = UserService.get_user_by_pwreset(password_reset) if not user or (int(time.time()) - user.password_reset_timestamp > 24 * 3600): #密码重置链接已经超过24小时 logging.warning(f"用户更新密码失败,找不到用户,或者密码重置链接已经超过24小时") return make_response(render_template('error.html', flag="invalid"), 200) update_data = {"password_reset": '', "password_reset_timestamp": 0} UserService.modify_user_by_id(user.id, update_data) UserService.user_pwdreset_submit(user_id=user.id, newpassword=newpassword) db.session.commit() logging.info(f"{user.id}用户更新密码成功") return make_response( render_template('resetpassword.html', flag="success"), 200)
def process(self): password_reset = request.args.get('key', type=str) if not password_reset: return make_response(render_template('error.html'), 200) #判断password_reset是否还有效,如有效则取出来user_id user = UserService.get_user_by_pwreset(password_reset) website_proxy = SettingService.get_setting_by_name('api_gateway_0') if website_proxy: url = website_proxy.value if url[-1:] != '/': url += '/' url = url + "app/passwordreset" else: logging.error( "ERROR: can not get website_proxy on appPasswordresetView") return make_response(render_template('error.html', flag="busy"), 200) #for debug # url = "http://127.0.0.1:8080/app/passwordreset" if not user or (int(time.time()) - user.password_reset_timestamp > 24 * 3600): #密码重置链接已经超过24小时 return make_response(render_template('error.html', flag="invalid"), 200) return make_response( render_template('resetpassword.html', email=user.email, passwordreset_url=url), 200)