Invoked during the password reset process after a user clicks a link with the password reset token.
Accepts the token from email and returns a reset key. Along with the token, the reset key is used in in the next step in the process to change the password.
password_reset.access_token(self, cid, token, current_app, remote_addr, user_agent)
credential: Request's correlation ID.token: A password reset token received from the end usercurrent_app: Name of application the current user is issuing the call fromremote_addr: User's remote addressuser_agent: User's browser or another tool as extracted from the HTTP User-Agent header.Returns: reset_key - A reset key to send when in order to change the password# -*- coding: utf-8 -*-
# Zato
from zato.server.service import Service
class PasswordResetAccessToken(Service):
def handle(self):
current_app = 'CRM'
remote_addr = '127.0.0.1'
user_agent = self.request.http.user_agent
# Frontend reads it from the link that the user clicked
token = '5k339rv63q82er5wq9qgfw9xkd'
# The reset key, along with the initial token, can be used
# to change the password.
reset_key = self.sso.password_reset.access_token(
self.cid, token, current_app, remote_addr, user_agent)
# Return the reset key to our caller
self.response.payload = {'reset_key': reset_key}