def send_confirm_email(email):
    """Mail an email-confirmation token to the user registered under *email*.

    The token is ``token_serializer.dumps(user.id)`` and is sent as the whole
    plain-text body of a message with the subject
    'Confirm your email address'.

    Raises:
        falcon.HTTPNotFound: no user has this email.
    """
    # NOTE(review): the 404 tells the caller whether an address is
    # registered. If this is reachable without authentication, consider
    # returning a uniform response at the endpoint.
    try:
        account = User.get(User.email == email)
    except User.DoesNotExist:
        raise falcon.HTTPNotFound(description='The user does not exist.')

    # NOTE(review): whether this token expires depends on how
    # token_serializer is built and loaded, which is not visible here.
    confirm_token = token_serializer.dumps(account.id)

    mail = MIMEText(confirm_token, 'plain')
    mail['Subject'] = 'Confirm your email address'
    send_message(email, mail)
def send_reset_email(email):
    """Mail a password-reset token to the user registered under *email*.

    The token serialises the pair ``(user.id, str(user.reset_key))`` and is
    sent as the whole plain-text body of a message with the subject
    'Reset your password'.

    Raises:
        falcon.HTTPNotFound: no user has this email.
    """
    # NOTE(review): the 404 tells the caller whether an address is
    # registered. Reset endpoints usually answer identically either way.
    try:
        account = User.get(User.email == email)
    except User.DoesNotExist:
        raise falcon.HTTPNotFound(description='The user does not exist.')

    # Presumably reset_key is rotated once a reset completes, so that an
    # already-used token stops validating -- confirm in the consumer.
    payload = (account.id, str(account.reset_key))
    reset_token = token_serializer.dumps(payload)

    mail = MIMEText(reset_token, 'plain')
    mail['Subject'] = 'Reset your password'
    # NOTE(review): the recipient is the caller-supplied address, not
    # account.email; confirm the lookup is an exact match so the two cannot
    # differ.
    send_message(email, mail)
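def authenticate(email, password):
    """Check a user's credentials and issue an HS256-signed JWT.

    Returns:
        A ``(safe_user, token)`` tuple: the user as a dict with the password
        hash excluded, and a JWT carrying ``exp`` (24 hours after issue),
        ``iat`` and ``user_id`` claims.

    Raises:
        falcon.HTTPNotFound: no user has this email.
        falcon.HTTPBadRequest: the user's ``confirmed_at`` is ``None``.
        falcon.HTTPUnauthorized: the password does not match the stored hash.
    """
    # NOTE(review): the three failure paths return different statuses and
    # messages, and the first two are reached without a bcrypt check, so a
    # caller can tell unknown, unconfirmed and wrong-password accounts apart
    # without knowing any password. The exception types are kept because
    # callers may depend on them; consider a uniform response at the endpoint.
    try:
        user = User.get(User.email == email)
    except User.DoesNotExist:
        raise falcon.HTTPNotFound(description='The user does not exist.')

    if user.confirmed_at is None:
        raise falcon.HTTPBadRequest(
            description='The user has not been confirmed.')

    if not bcrypt.checkpw(password.encode(), user.hash):
        raise falcon.HTTPUnauthorized(
            description='The user could not be authenticated.')

    # Read the clock once so that exp is exactly iat + 24 h; two separate
    # reads left the token lifetime slightly off.
    issued_at = time.time()
    claims = {
        'exp': issued_at + 60 * 60 * 24,
        'iat': issued_at,
        'user_id': user.id,
    }

    safe_user = model_to_dict(user, recurse=False, exclude=[User.hash])

    # NOTE(review): the signing key is a hard-coded, guessable literal, so
    # anyone who can read this source can produce tokens that verify under
    # it. Load a high-entropy key from deployment configuration instead and
    # change the verifying side in the same release. It is left unchanged
    # here because the code that verifies tokens is not visible in this block.
    return (safe_user, jwt.encode(claims, 'secret', algorithm='HS256'))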