[Plugin] auth: Implemented REST endpoint for password reset
This commit is contained in:
parent
1f93bc6d80
commit
049b64ffd5
|
@ -2,12 +2,13 @@
|
||||||
|
|
||||||
Allow management of authentication, login, logout, etc.
|
Allow management of authentication, login, logout, etc.
|
||||||
"""
|
"""
|
||||||
from flask import Blueprint, request, jsonify
|
|
||||||
from http.client import CREATED, NO_CONTENT
|
from http.client import CREATED, NO_CONTENT
|
||||||
from werkzeug.exceptions import Forbidden, BadRequest, Unauthorized
|
from flask import Blueprint, request, jsonify
|
||||||
|
from werkzeug.exceptions import Forbidden, BadRequest, Unauthorized, NotFound
|
||||||
|
|
||||||
from flaschengeist import logger
|
from flaschengeist import logger
|
||||||
from flaschengeist.plugins import Plugin
|
from flaschengeist.plugins import Plugin
|
||||||
|
from flaschengeist.utils.HTTP import no_content
|
||||||
from flaschengeist.decorator import login_required
|
from flaschengeist.decorator import login_required
|
||||||
from flaschengeist.controller import sessionController, userController
|
from flaschengeist.controller import sessionController, userController
|
||||||
|
|
||||||
|
@ -162,3 +163,20 @@ def get_assocd_user(token, current_session, **kwargs):
|
||||||
# Valid tokens from other users and invalid tokens now are looking the same
|
# Valid tokens from other users and invalid tokens now are looking the same
|
||||||
raise Forbidden
|
raise Forbidden
|
||||||
return jsonify(session._user)
|
return jsonify(session._user)
|
||||||
|
|
||||||
|
|
||||||
|
@auth_bp.route("/auth/reset", methods=["POST"])
|
||||||
|
def reset_password():
|
||||||
|
data = request.get_json()
|
||||||
|
if "userid" in data:
|
||||||
|
try:
|
||||||
|
user = userController.find_user(data["userid"])
|
||||||
|
userController.request_reset(user)
|
||||||
|
except NotFound:
|
||||||
|
pass
|
||||||
|
elif "password" in data and "token" in data:
|
||||||
|
userController.reset_password(data["token"], data["password"])
|
||||||
|
else:
|
||||||
|
raise BadRequest("Missing parameter(s)")
|
||||||
|
|
||||||
|
return no_content()
|
||||||
|
|
Loading…
Reference in New Issue