PasswordReset.access_token - Python API

Invoked during the password reset process after a user clicks a link with the password reset token.

Accepts the token from email and returns a reset key. Along with the token, the reset key is used in in the next step in the process to change the password.


password_reset.access_token(self, cid, token, current_app, remote_addr, user_agent)

  • credential: Request's correlation ID.
  • token: A password reset token received from the end user
  • current_app: Name of application the current user is issuing the call from
  • remote_addr: User's remote address
  • user_agent: User's browser or another tool as extracted from the HTTP User-Agent header.
  • Returns: reset_key - A reset key to send when in order to change the password
# -*- coding: utf-8 -*-

# Zato
from zato.server.service import Service

class PasswordResetAccessToken(Service):
    def handle(self):

        current_app = 'CRM'
        remote_addr = ''
        user_agent = self.request.http.user_agent

        # Frontend reads it from the link that the user clicked
        token = '5k339rv63q82er5wq9qgfw9xkd'

        # The reset key, along with the initial token, can be used
        # to change the password.
        reset_key = self.sso.password_reset.access_token(
            self.cid, token, current_app, remote_addr, user_agent)

        # Return the reset key to our caller
        self.response.payload = {'reset_key': reset_key}