forgot password

52a04f68 · Gladys Forte · 498f0503 · 52a04f68
Commit 52a04f68 authored Oct 15, 2019 by Gladys Forte
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

app/accesslayer/views.py app/accesslayer/views.py +6 -1

No files found.
--- a/app/accesslayer/views.py
+++ b/app/accesslayer/views.py
@@ -158,7 +158,7 @@ class ForgotPassword(APIView):
                created=date_now,
                timeout_at=timeout_at
            ).save()
-            
+
            url = f"{settings.FRONT_END_URL}/forgot-password/reset"\
                  f"?token={TOKEN}"

@@ -190,10 +190,15 @@ class ValidateForgotPasswordResetToken(APIView):
    def post(self, request, *args, **kwargs):
        token = request.data['token']

+        date_now = datetime.now()
+
        existingToken = AuthToken.objects.filter(token=token).first()
        if existingToken:
            if not existingToken.is_active:
                raise Exception('Request is no longer active')
+            elif existingToken.timeout_at < date_now:
+                raise Exception('Token already expired')
+            
            return Response(data={
                                "username": existingToken.user.username,
                                "email": existingToken.user.email