make sure expiration is handled for ActivationCode and ResetPasswordCode
This commit is contained in:
parent
4704ca0bc6
commit
2693ba5838
|
@ -1,4 +1,3 @@
|
||||||
import arrow
|
|
||||||
from flask import request, redirect, url_for, flash, render_template
|
from flask import request, redirect, url_for, flash, render_template
|
||||||
from flask_login import login_user, current_user
|
from flask_login import login_user, current_user
|
||||||
|
|
||||||
|
@ -26,7 +25,7 @@ def activate():
|
||||||
400,
|
400,
|
||||||
)
|
)
|
||||||
|
|
||||||
if activation_code.expired and activation_code.expired < arrow.now():
|
if activation_code.is_expired():
|
||||||
return (
|
return (
|
||||||
render_template(
|
render_template(
|
||||||
"auth/activate.html",
|
"auth/activate.html",
|
||||||
|
|
|
@ -56,9 +56,7 @@ def register():
|
||||||
|
|
||||||
def send_activation_email(user, next_url):
|
def send_activation_email(user, next_url):
|
||||||
# the activation code is valid for 1h
|
# the activation code is valid for 1h
|
||||||
activation = ActivationCode.create(
|
activation = ActivationCode.create(user_id=user.id, code=random_string(30))
|
||||||
user_id=user.id, code=random_string(30), expired=arrow.now().shift(hours=1)
|
|
||||||
)
|
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
# Send user activation email
|
# Send user activation email
|
||||||
|
|
|
@ -32,7 +32,7 @@ def reset_password():
|
||||||
)
|
)
|
||||||
return render_template("auth/reset_password.html", form=form, error=error)
|
return render_template("auth/reset_password.html", form=form, error=error)
|
||||||
|
|
||||||
if reset_password_code.expired < arrow.now():
|
if reset_password_code.is_expired():
|
||||||
error = (
|
error = (
|
||||||
"The link is already expired. Please make a new request to reset password"
|
"The link is already expired. Please make a new request to reset password"
|
||||||
)
|
)
|
||||||
|
|
|
@ -146,7 +146,7 @@ def send_reset_password_email(user):
|
||||||
"""
|
"""
|
||||||
# the activation code is valid for 1h
|
# the activation code is valid for 1h
|
||||||
reset_password_code = ResetPasswordCode.create(
|
reset_password_code = ResetPasswordCode.create(
|
||||||
user_id=user.id, code=random_string(60), expired=arrow.now().shift(hours=1)
|
user_id=user.id, code=random_string(60)
|
||||||
)
|
)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
|
|
|
@ -251,7 +251,10 @@ class ActivationCode(db.Model, ModelMixin):
|
||||||
|
|
||||||
user = db.relationship(User)
|
user = db.relationship(User)
|
||||||
|
|
||||||
expired = db.Column(ArrowType, default=_expiration_1h)
|
expired = db.Column(ArrowType, nullable=False, default=_expiration_1h)
|
||||||
|
|
||||||
|
def is_expired(self):
|
||||||
|
return self.expired < arrow.now()
|
||||||
|
|
||||||
|
|
||||||
class ResetPasswordCode(db.Model, ModelMixin):
|
class ResetPasswordCode(db.Model, ModelMixin):
|
||||||
|
@ -264,6 +267,9 @@ class ResetPasswordCode(db.Model, ModelMixin):
|
||||||
|
|
||||||
expired = db.Column(ArrowType, nullable=False, default=_expiration_1h)
|
expired = db.Column(ArrowType, nullable=False, default=_expiration_1h)
|
||||||
|
|
||||||
|
def is_expired(self):
|
||||||
|
return self.expired < arrow.now()
|
||||||
|
|
||||||
|
|
||||||
class Partner(db.Model, ModelMixin):
|
class Partner(db.Model, ModelMixin):
|
||||||
email = db.Column(db.String(128))
|
email = db.Column(db.String(128))
|
||||||
|
|
Loading…
Reference in New Issue