[Plugin] auth: Implemented REST endpoint for password reset

This commit is contained in:
Ferdinand Thiessen 2021-01-18 16:18:16 +01:00
parent 1f93bc6d80
commit 049b64ffd5
1 changed files with 20 additions and 2 deletions

View File

@ -2,12 +2,13 @@
Allow management of authentication, login, logout, etc. Allow management of authentication, login, logout, etc.
""" """
from flask import Blueprint, request, jsonify
from http.client import CREATED, NO_CONTENT from http.client import CREATED, NO_CONTENT
from werkzeug.exceptions import Forbidden, BadRequest, Unauthorized from flask import Blueprint, request, jsonify
from werkzeug.exceptions import Forbidden, BadRequest, Unauthorized, NotFound
from flaschengeist import logger from flaschengeist import logger
from flaschengeist.plugins import Plugin from flaschengeist.plugins import Plugin
from flaschengeist.utils.HTTP import no_content
from flaschengeist.decorator import login_required from flaschengeist.decorator import login_required
from flaschengeist.controller import sessionController, userController from flaschengeist.controller import sessionController, userController
@ -162,3 +163,20 @@ def get_assocd_user(token, current_session, **kwargs):
# Valid tokens from other users and invalid tokens now are looking the same # Valid tokens from other users and invalid tokens now are looking the same
raise Forbidden raise Forbidden
return jsonify(session._user) return jsonify(session._user)
@auth_bp.route("/auth/reset", methods=["POST"])
def reset_password():
data = request.get_json()
if "userid" in data:
try:
user = userController.find_user(data["userid"])
userController.request_reset(user)
except NotFound:
pass
elif "password" in data and "token" in data:
userController.reset_password(data["token"], data["password"])
else:
raise BadRequest("Missing parameter(s)")
return no_content()