async def forgot_password(
self, user: models.UD, request: Optional[Request] = None
) -> None:
"""
Start a forgot password request.
Triggers the on_after_forgot_password handler on success.
:param user: The user that forgot its password.
:param request: Optional FastAPI request that
triggered the operation, defaults to None.
:raises UserInactive: The user is inactive.
"""
if not user.is_active:
raise UserInactive()
token_data = {
"user_id": str(user.id),
"aud": self.reset_password_token_audience,
}
token = generate_jwt(
token_data,
self.reset_password_token_secret,
self.reset_password_token_lifetime_seconds,
)
await self.on_after_forgot_password(user, token, request)
async def request_verify(
self, user: models.UD, request: Optional[Request] = None
) -> None:
"""
Start a verification request.
Triggers the on_after_request_verify handler on success.
:param user: The user to verify.
:param request: Optional FastAPI request that
triggered the operation, defaults to None.
:raises UserInactive: The user is inactive.
:raises UserAlreadyVerified: The user is already verified.
"""
if not user.is_active:
raise UserInactive()
if user.is_verified:
raise UserAlreadyVerified()
token_data = {
"user_id": str(user.id),
"email": user.email,
"aud": self.verification_token_audience,
}
token = generate_jwt(
token_data,
self.verification_token_secret,
self.verification_token_lifetime_seconds,
)
await self.on_after_request_verify(user, token, request)
def _forgot_password_token(
user_id=None,
lifetime=user_manager.reset_password_token_lifetime_seconds):
data = {"aud": user_manager.reset_password_token_audience}
if user_id is not None:
data["user_id"] = str(user_id)
return generate_jwt(data, user_manager.reset_password_token_secret,
lifetime)
def test_generate_decode_jwt(secret: SecretType):
audience = "TEST_AUDIENCE"
data = {"foo": "bar", "aud": audience}
jwt = generate_jwt(data, secret, 3600)
decoded = decode_jwt(jwt, secret, [audience])
assert decoded["foo"] == "bar"
assert decoded["aud"] == audience
def _verify_token(
user_id=None,
email=None,
lifetime=user_manager.verification_token_lifetime_seconds,
):
data = {"aud": user_manager.verification_token_audience}
if user_id is not None:
data["user_id"] = str(user_id)
if email is not None:
data["email"] = email
return generate_jwt(data, user_manager.verification_token_secret,
lifetime)
async def write_token(self, user: models.UD) -> str:
data = {"user_id": str(user.id), "aud": self.token_audience}
return generate_jwt(data, self.secret, self.lifetime_seconds)
def generate_state_token(
data: Dict[str, str], secret: SecretType, lifetime_seconds: int = 3600
) -> str:
data["aud"] = STATE_TOKEN_AUDIENCE
return generate_jwt(data, secret, lifetime_seconds)
def _token(user_id=None, lifetime=LIFETIME):
data = {"aud": "fastapi-users:auth"}
if user_id is not None:
data["user_id"] = str(user_id)
return generate_jwt(data, secret, lifetime)