def do_password_reset(request, token=None):
try:
email, timestamp = _password_reset_token_factory.parse_token(token)
except (signing.BadSignature, signing.SignatureExpired):
return render(request, 'users/password_reset/reset_token_invalid.html', {})
try:
user = get_user(email)
except User.DoesNotExist:
raise Http404()
profile = user.profile
timestamp = datetime.utcfromtimestamp(timestamp).replace(tzinfo=timezone.utc)
if profile.last_password_change and profile.last_password_change > timestamp:
return render(request, 'users/password_reset/token_already_used.html', {})
form = SetPasswordForm(user, request.POST or None)
if form.is_valid():
form.save()
profile.last_password_change = timezone.now()
profile.save()
return render(request, 'users/password_reset/reset_complete.html', {})
return render(request, 'users/password_reset/reset_form.html', {
'user': user,
'form': form,
})
评论列表
文章目录
