def POST(self):
# Reads the email in the HTTP request parameters
email = web.input(email=None).email
# Check if the user exists and is active
user = User.get_user(email)
if user is None or not user.active:
raise http.Forbidden("Utilisateur inconnu")
# Checks if there is already an active password token matching this email
current_password_token = PasswordToken.get_password_token(email)
if current_password_token is not None:
formatted_creation_dt = formatting.format_date(
dates.change_timezone(current_password_token.creation_dt),
"%d/%m/%y %H:%M")
raise http.Forbidden(u"Demande similaire déjà effectuée le %s" %
formatted_creation_dt)
# Creates a new password token valid for 2 days
password_token = PasswordToken(
validity=2,
user=user,
token=PasswordToken.generate_random_token(16))
config.orm.add(password_token)
# Registers an email notification
http.register_hook(
lambda: notify_via_email(password_token, Events.NEW))
return u"Instructions en cours d'envoi à %s" % email
