def validate_temp_session(self, value):
from yan.auth.models import TemporarySession
try:
session = TemporarySession.get(value)
user = session.user
except Exception, e:
logging.warn(e)
raise ValidationError(_(u"Invalid temporary session."))
def reset_password(request, session_key):
form = ResetPasswordForm()
if request.method == 'GET':
try:
temporary_session = TemporarySession.get(session_key)
except Exception:
# BadKeyError ... etc
temporary_session = None
if temporary_session is None:
raise Forbidden("Temporary Session might be expired.")
# TODO: acquire new temporary session
new_session = TemporarySession.get_new_session(temporary_session.user)
temporary_session.delete()
form.data['temp_session'] = str(new_session.key())
elif request.method == 'POST' and form.validate(request.form):
new_session = TemporarySession.get(form['temp_session'])
user = new_session.user
user.set_password(form['new_password'])
new_session.delete()
return render_to_response("auth/reset_password_success.html")
return render_to_response("auth/reset_password.html",
{"form": form.as_widget()})
