def POST(self):
    """Handle a password-reset request for the address in the ``email`` parameter.

    Flow: look the user up, refuse unknown or inactive accounts, refuse when
    a password token already exists for this address, otherwise store a new
    token and register a hook that sends the notification e-mail.

    Returns:
        A confirmation message that includes the submitted address.

    Raises:
        http.Forbidden: the user is unknown or inactive, or a password token
            already exists for this address.
    """
    # ``email`` defaults to None when the request carries no such parameter.
    params = web.input(email=None)
    email = params.email

    # NOTE(review): the two Forbidden messages and the success message are
    # distinguishable, so a client can tell whether an address belongs to an
    # active account. Consider one uniform response for all three outcomes.
    user = User.get_user(email)
    if user is None or not user.active:
        raise http.Forbidden("Utilisateur inconnu")

    # An existing token for this address blocks a new request.
    # NOTE(review): this lookup and the insert below are separate steps;
    # confirm the storage layer rejects duplicates if requests can overlap.
    pending = PasswordToken.get_password_token(email)
    if pending is not None:
        created_at = dates.change_timezone(pending.creation_dt)
        formatted_creation_dt = formatting.format_date(
            created_at, "%d/%m/%y %H:%M")
        raise http.Forbidden(
            u"Demande similaire déjà effectuée le %s" % formatted_creation_dt)

    # validity=2 means two days, per the original author's comment.
    # NOTE(review): token strength depends on generate_random_token, which is
    # not visible here. Confirm it uses a cryptographically secure source,
    # what unit the 16 is in, and whether the token is stored hashed.
    reset_secret = PasswordToken.generate_random_token(16)
    password_token = PasswordToken(
        validity=2,
        user=user,
        token=reset_secret)
    config.orm.add(password_token)

    def send_notification():
        return notify_via_email(password_token, Events.NEW)

    # The e-mail goes out through a registered hook, not inline.
    # Presumably the hook runs once the request has been processed. Confirm.
    http.register_hook(send_notification)

    # NOTE(review): the submitted address is echoed in the response; confirm
    # the output is encoded for the content type it is served with.
    return u"Instructions en cours d'envoi à %s" % email