Exemplo n.º 1
0
 def user(self):
     user = None
     if 'user_key' in self.session:
         str_key = self.session['user_key']
         user = model.getByKey(str_key)
         if not user:
             del self.session['user_key']
     return user
Exemplo n.º 2
0
 def user(self):
     user = None
     if 'auth_key' in self.session:
         str_key = self.session['auth_key']
         auth = model.getByKey(str_key)
         if auth:
             user = auth.user
         else:
             del self.session['auth_key']
     return user
Exemplo n.º 3
0
    def before(self):
        is_valid = False
        self.key = self.request.get("key")
        self.token = self.request.get("token")
        if self.key and self.token:
            self.user = model.getByKey(self.key)
            if self.user and self.user.token and self.token == self.user.token:
                # token is valid for one hour
                if (datetime.utcnow() - self.user.token_date).total_seconds() < 3600:
                    is_valid = True

        if not is_valid:
            self.flash("error", "That reset password link has expired.")
            self.redirect("/forgotpassword")