Invoked as the last step in the password reset process to let the user change his or her password.
Accepts the initial token received by the user in email, the reset key received in the previous step and a new password that should be set for the user.
password_reset.access_token(self, cid, token, reset_key, current_app, remote_addr, user_agent)
credential: Request's correlation ID.token: A password reset token received from the end usercurrent_app: Name of application the current user is issuing the call fromremote_addr: User's remote addressuser_agent: User's browser or another tool as extracted from the HTTP User-Agent header.Returns: reset_key - A reset key to send when in order to change the password# -*- coding: utf-8 -*-
# Zato
from zato.server.service import Service
class PasswordResetAccessToken(Service):
def handle(self):
current_app = 'CRM'
remote_addr = '127.0.0.1'
user_agent = self.request.http.user_agent
# Frontend reads it from the link that the user clicked
token = '5k339rv63q82er5wq9qgfw9xkd'
# The reset key, along with the initial token, can be used
# to change the password.
reset_key = self.sso.password_reset.access_token(
self.cid, token, current_app, remote_addr, user_agent)
# Return the reset key to our caller
self.response.payload = {'reset_key': reset_key}