Reset the password of a user. Triggers the on_after_reset_password handler on success. :param token: The token generated by forgot_password. :param password: The new password to set. :param request: Optional FastAPI request that triggered the operat
(
self, token: str, password: str, request: Request | None = None
)
| 384 | await self.on_after_forgot_password(user, token, request) |
| 385 | |
| 386 | async def reset_password( |
| 387 | self, token: str, password: str, request: Request | None = None |
| 388 | ) -> models.UP: |
| 389 | """ |
| 390 | Reset the password of a user. |
| 391 | |
| 392 | Triggers the on_after_reset_password handler on success. |
| 393 | |
| 394 | :param token: The token generated by forgot_password. |
| 395 | :param password: The new password to set. |
| 396 | :param request: Optional FastAPI request that |
| 397 | triggered the operation, defaults to None. |
| 398 | :raises InvalidResetPasswordToken: The token is invalid or expired. |
| 399 | :raises UserInactive: The user is inactive. |
| 400 | :raises InvalidPasswordException: The password is invalid. |
| 401 | :return: The user of type models.UP with updated password. |
| 402 | """ |
| 403 | try: |
| 404 | data = decode_jwt( |
| 405 | token, |
| 406 | self.reset_password_token_secret, |
| 407 | [self.reset_password_token_audience], |
| 408 | ) |
| 409 | except jwt.PyJWTError: |
| 410 | raise exceptions.InvalidResetPasswordToken() |
| 411 | |
| 412 | try: |
| 413 | user_id = data["sub"] |
| 414 | password_fingerprint = data["password_fgpt"] |
| 415 | except KeyError: |
| 416 | raise exceptions.InvalidResetPasswordToken() |
| 417 | |
| 418 | try: |
| 419 | parsed_id = self.parse_id(user_id) |
| 420 | except exceptions.InvalidID: |
| 421 | raise exceptions.InvalidResetPasswordToken() |
| 422 | |
| 423 | user = await self.get(parsed_id) |
| 424 | |
| 425 | valid_password_fingerprint, _ = self.password_helper.verify_and_update( |
| 426 | user.hashed_password, password_fingerprint |
| 427 | ) |
| 428 | if not valid_password_fingerprint: |
| 429 | raise exceptions.InvalidResetPasswordToken() |
| 430 | |
| 431 | if not user.is_active: |
| 432 | raise exceptions.UserInactive() |
| 433 | |
| 434 | updated_user = await self._update(user, {"password": password}) |
| 435 | |
| 436 | await self.on_after_reset_password(user, request) |
| 437 | |
| 438 | return updated_user |
| 439 | |
| 440 | async def update( |
| 441 | self, |