def post(self): email = request.form.get("email", None) if email is None: abort(400, message="email is required") if not Validate().email(email): abort(400, message="invalid email address") try: account = ModelAccount.get(ModelAccount.email == email) except peewee.DoesNotExist: abort(400, message="email does not exist") # create token now = round(time.time()) token = ModelToken() token.account_id = account.account_id token.token_value = token.generateToken() token.date_created = now token.save() # cleanup old tokens oldtokens = ModelToken.delete().where( ModelToken.date_created < now - ModelToken.EXPIRE_IN ) oldtokens.execute() # prep email data name = account.first_name + " " + account.last_name url = config.get( 'ui_server', 'ui_url' ) + "#passwordReset?token=" + token.token_value data = { 'name': name, 'url': url, } body = vegadns.api.email.parseTemplate('password_reset_request', data) to = account.email subject = "VegaDNS Password Reset Request" # send email common = vegadns.api.email.common.Common() vegadns.api.email.send(to, subject, body) return {'status': 'ok'}
def fetchToken(self, token): if token is None: abort(400, message="token is required") expired = round(time.time()) - ModelToken.EXPIRE_IN try: storedToken = ModelToken.get( ModelToken.token_value == token, ModelToken.date_created > expired ) except peewee.DoesNotExist: abort(404, message="token does not exist") return storedToken