def post(self):
token = self.get_argument("token")
try:
from tornado_chat import SECRET_KEY
serializer = URLSafeTimedSerializer(SECRET_KEY)
parasite = serializer.loads(token, max_age=86400) # do i really have to do 24hrs in secs?
parasiteId = self.db.get("SELECT id, reset_token FROM parasite WHERE id = %s", parasite)
if parasiteId is not None and self.get_argument("password") == self.get_argument(
"password2") and parasiteId.reset_token == token:
hashed_password = yield executor.submit(
bcrypt.hashpw, tornado.escape.utf8(self.get_argument("password")),
bcrypt.gensalt())
self.db.execute("UPDATE parasite SET password = %s, reset_token='' WHERE id = %s", hashed_password,
parasite)
self.redirect("login?error=Password reset. Please login.")
else:
self.redirect("login?error=Password reset failed.")
except:
self.redirect("login?error=Password reset failed.")
评论列表
文章目录
