def GET(self):
# Reads the token in the HTTP request parameters
token = web.input(token=None).token
# Checks if the token is valid
password_token = PasswordToken.get_token(token)
if password_token is None or password_token.expired:
raise http.Forbidden()
# The fieldset is bound to the user associated with the token
password_fieldset = user_forms.NewPasswordFieldSet().bind(password_token.user)
return config.views.layout(config.views.creation_form(password_fieldset))
def test_get_token(self):
# These tests work because a PasswordTokenData has a similar structure to a PasswordToken
# When Tournament.__eq__ is called, it compares the fields without caring of the parameters' actual types
self.assertIsNone(PasswordToken.get_token(None))
self.assertIsNone(PasswordToken.get_token(""))
self.assertIsNone(PasswordToken.get_token("invalid_token"))
self.assertIsNone(PasswordToken.get_token("znc9TNqpajeN2nEH"))
self.assertIsNone(PasswordToken.get_token("xjRp67wh3HdjEI6I"))
self.assertEquals(PasswordToken.get_token("goB9Z7fhsUrjXHDi"), PasswordTokenData.password_token_expired)
self.assertEquals(PasswordToken.get_token("xYCPayfPCPEPCPaL"), PasswordTokenData.password_token_active)
def GET(self):
# Reads the token in the HTTP request parameters
token = web.input(token=None).token
# Checks if the token is valid
password_token = PasswordToken.get_token(token)
if password_token is None or password_token.expired:
raise http.Forbidden()
# The fieldset is bound to the user associated with the token
password_fieldset = user_forms.NewPasswordFieldSet().bind(
password_token.user)
return config.views.layout(
config.views.creation_form(password_fieldset))
def test_get_token(self):
# These tests work because a PasswordTokenData has a similar structure to a PasswordToken
# When Tournament.__eq__ is called, it compares the fields without caring of the parameters' actual types
self.assertIsNone(PasswordToken.get_token(None))
self.assertIsNone(PasswordToken.get_token(""))
self.assertIsNone(PasswordToken.get_token("invalid_token"))
self.assertIsNone(PasswordToken.get_token("znc9TNqpajeN2nEH"))
self.assertIsNone(PasswordToken.get_token("xjRp67wh3HdjEI6I"))
self.assertEquals(PasswordToken.get_token("goB9Z7fhsUrjXHDi"),
PasswordTokenData.password_token_expired)
self.assertEquals(PasswordToken.get_token("xYCPayfPCPEPCPaL"),
PasswordTokenData.password_token_active)
def POST(self):
# Reads the token in the HTTP request parameters
token = web.input(token=None).token
# Checks if the token is valid
password_token = PasswordToken.get_token(token)
if password_token is None or password_token.expired:
raise http.Forbidden()
# The fieldset is bound to the form data & the user associated with the token : the token itself is passed because it should expire when successfully used
password_fieldset = user_forms.NewPasswordFieldSet(password_token).bind(password_token.user, data=web.input())
# Synchronizes the fieldset & registers a delayed login of the user (we could do it now but it's better to isolate the login process)
if password_fieldset.validate():
password_fieldset.sync()
http.register_hook(lambda: session.login_workflow(password_fieldset.model))
raise web.seeother("/")
else:
return config.views.layout(config.views.creation_form(password_fieldset))
def POST(self):
# Reads the token in the HTTP request parameters
token = web.input(token=None).token
# Checks if the token is valid
password_token = PasswordToken.get_token(token)
if password_token is None or password_token.expired:
raise http.Forbidden()
# The fieldset is bound to the form data & the user associated with the token : the token itself is passed because it should expire when successfully used
password_fieldset = user_forms.NewPasswordFieldSet(
password_token).bind(password_token.user, data=web.input())
# Synchronizes the fieldset & registers a delayed login of the user (we could do it now but it's better to isolate the login process)
if password_fieldset.validate():
password_fieldset.sync()
http.register_hook(
lambda: session.login_workflow(password_fieldset.model))
raise web.seeother("/")
else:
return config.views.layout(
config.views.creation_form(password_fieldset))
