def _set_reset_code(self, user_id): rc = ResetCode() code = rc._generate_reset_code() expiration = datetime.datetime.now() + datetime.timedelta(hours=6) query = update(users).values(reset=code, reset_expiration=expiration) res = safe_execute(self._engine, query.where(users.c.id == user_id)) if res.rowcount != 1: self.logger.debug('Unable to add a new reset code') return None # XXX see if appropriate return code
def generate_reset_code(): """Generates a reset code Returns: reset code, expiration date """ from services.resetcodes import ResetCode rc = ResetCode() code = rc._generate_reset_code() expiration = datetime.datetime.now() + datetime.timedelta(hours=6) return code, expiration
class ResetCodeManager(object): """ Implements the reset code methods for auth backends. """ def __init__(self, engine, create_tables=False): self._engine = engine if engine is not None: reset_codes.metadata.bind = engine if create_tables: reset_codes.create(checkfirst=True) self.rc = ResetCode() self.logger = CLIENT_HOLDER.default_client # # Private methods # def _get_reset_code(self, user_id): res = self._engine.execute(_USER_RESET_CODE, user_name=user_id) res = res.fetchone() if res is None or res.reset is None or res.expiration is None: return None if isinstance(res.expiration, basestring): exp = datetime.datetime.strptime(res.expiration, '%Y-%m-%d %H:%M:%S.%f') else: exp = res.expiration if exp < datetime.datetime.now(): # expired self.clear_reset_code(user_id) return None return res.reset def _set_reset_code(self, user_id): code = self.rc._generate_reset_code() expiration = datetime.datetime.now() + datetime.timedelta(hours=6) query = delete(reset_codes).where(reset_codes.c.username == user_id) self._engine.execute(query) query = insert(reset_codes).values(reset=code, expiration=expiration, username=user_id) res = safe_execute(self._engine, query) if res.rowcount != 1: self.logger.debug('Unable to add a new reset code in the' ' reset_code table') return None # XXX see if appropriate return code # # Public methods # def generate_reset_code(self, user_id, overwrite=False): if not overwrite: stored_code = self._get_reset_code(user_id) if stored_code is not None: return stored_code return self._set_reset_code(user_id) def verify_reset_code(self, user_id, code): if not self.rc._check_reset_code(code): return False stored_code = self._get_reset_code(user_id) if stored_code is None: return False return stored_code == code def clear_reset_code(self, user_id): if self._engine is None: raise NotImplementedError() query = delete(reset_codes).where(reset_codes.c.username == user_id) res = safe_execute(self._engine, query) return res.rowcount > 0