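def post(self, request, token=None):
    """Reset the password of the user identified by a reset token.

    Fix over the previous version: the new password was stored in the
    branch that rejects it for bad format, and never stored in the branch
    that reports success. It is now persisted only after the format check
    passes.

    Args:
        request: Incoming request; the new password is read from
            ``request.data['new_password']``.
        token: Reset token handed to ``check_token`` to resolve the user.

    Returns:
        A ``Response`` whose payload has ``status`` set to "success" or
        "error"; error payloads also carry ``error_code`` and ``message``.
    """
    user = check_token(token)
    password = request.data.get('new_password', '')
    if not password:
        return Response(
            dict(status="error", error_code="new_password_required",
                 message="You haven't provided a new password."))

    # A falsy result from check_token is treated as an invalid/expired token.
    if not user:
        return Response(
            dict(status="error", error_code="invalid_token",
                 message="The token you provided is invalid or has expired."))

    # A truthy result is used as the rejection message, so truthy means the
    # password failed the policy (presumably falsy means it passed; verify
    # against password_enforce_format).
    pass_check = password_enforce_format(password)
    if pass_check:
        # Never persist a password that failed the format policy.
        return Response(
            dict(status="error", error_code="invalid_password_format",
                 message=pass_check))

    # Only a policy-compliant password reaches the account.
    user.set_password(password)
    user.save()
    # NOTE(review): nothing in this method invalidates the token after a
    # successful reset; confirm check_token/new_token make it single-use.

    # NOTE(review): the new password is passed to the notification context
    # in cleartext. If the RESET_PASSWORD_CONFIRMATION template renders it,
    # the credential lands in the recipient's mailbox and in any notification
    # logs. Kept here for template compatibility; confirm the template and
    # drop the field.
    package = dict(
        caller='jwt_auth',
        notification_type='RESET_PASSWORD_CONFIRMATION',
        recipients=[user.email, ],
        context=dict(
            username=user.username,
            password=password
        )
    )
    notify = Notification(**package)
    notify.send()
    return Response(dict(status="success", message="Password has been successfully reset"))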
def test_new_token(self):
    """A freshly issued token must resolve back to the user it was issued for."""
    issued = new_token(self.test_user)
    resolved_user = check_token(issued)
    self.assertEqual(resolved_user, self.test_user)