def validate_temp_session(self, value): from yan.auth.models import TemporarySession try: session = TemporarySession.get(value) user = session.user except Exception, e: logging.warn(e) raise ValidationError(_(u"Invalid temporary session."))
def reset_password(request, session_key): form = ResetPasswordForm() if request.method == 'GET': try: temporary_session = TemporarySession.get(session_key) except Exception: # BadKeyError ... etc temporary_session = None if temporary_session is None: raise Forbidden("Temporary Session might be expired.") # TODO: acquire new temporary session new_session = TemporarySession.get_new_session(temporary_session.user) temporary_session.delete() form.data['temp_session'] = str(new_session.key()) elif request.method == 'POST' and form.validate(request.form): new_session = TemporarySession.get(form['temp_session']) user = new_session.user user.set_password(form['new_password']) new_session.delete() return render_to_response("auth/reset_password_success.html") return render_to_response("auth/reset_password.html", {"form": form.as_widget()})