def change_forgotten_password(request, user_id, token):
User = auth.get_user_model()
try:
user = User.objects.get(pk=user_id)
except User.DoesNotExist:
message = _("Form link is invalid. Please try again.")
return Response({'detail': message}, status=status.HTTP_400_BAD_REQUEST)
if not is_password_change_token_valid(user, token):
message = _("Form link is invalid. Please try again.")
return Response({'detail': message},
status=status.HTTP_400_BAD_REQUEST)
try:
form = ResetPasswordForm()
form.confirm_allowed(user)
except ValidationError:
message = _("Your link has expired. Please request new one.")
return Response({'detail': message},
status=status.HTTP_400_BAD_REQUEST)
if request.method == 'POST':
return process_forgotten_password_form(request, user)
else:
return Response({
'username': user.username,
'email': user.email
})
def change_forgotten_password(request, user_id, token):
User = auth.get_user_model()
invalid_message = _("Form link is invalid. Please try again.")
try:
user = User.objects.get(pk=user_id)
if request.is_authenticated() and request.user.id != user.id:
raise User.DoesNotExist()
except User.DoesNotExist:
return Response({'detail': invalid_message},
status=status.HTTP_400_BAD_REQUEST)
if not is_password_change_token_valid(user, token):
return Response({'detail': invalid_message},
status=status.HTTP_400_BAD_REQUEST)
try:
form = ResetPasswordForm()
form.confirm_allowed(user)
except ValidationError:
message = _("Your link has expired. Please request new one.")
return Response({'detail': message},
status=status.HTTP_400_BAD_REQUEST)
if request.method == 'POST':
return process_forgotten_password_form(request, user)
else:
return Response({
'username': user.username,
'email': user.email
})
def decorator(request, *args, **kwargs):
if 'user_id' in kwargs:
User = get_user_model()
user = get_object_or_404(User.objects, pk=kwargs.pop('user_id'))
kwargs['user'] = user
if not is_password_change_token_valid(user, kwargs['token']):
message = _("Your link is invalid. Please try again.")
return Response({'detail': message},
status=status.HTTP_404_NOT_FOUND)
try:
form = ResetPasswordForm()
form.confirm_allowed(user)
except ValidationError:
message = _("Your link has expired. Please request new one.")
return Response({'detail': message},
status=status.HTTP_404_NOT_FOUND)
return f(request, *args, **kwargs)
def decorator(request, *args, **kwargs):
if 'user_id' in kwargs:
User = get_user_model()
user = get_object_or_404(User.objects, pk=kwargs.pop('user_id'))
kwargs['user'] = user
if not is_password_change_token_valid(user, kwargs['token']):
message = _("Your link is invalid. Please try again.")
return Response({'detail': message},
status=status.HTTP_404_NOT_FOUND)
try:
form = ResetPasswordForm()
form.confirm_allowed(user)
except ValidationError:
message = _("Your link has expired. Please request new one.")
return Response({'detail': message},
status=status.HTTP_404_NOT_FOUND)
return f(request, *args, **kwargs)
