问题描述
我已经在线阅读了要过期的令牌,我必须使用expires_in
。但是,我无法使其正常工作。
s = TimedJSONWebSignatureSerializer('secretkey',expires_in = 1)
@app.route('/reset',methods=['GET','POST'])
def reset():
msg = ''
if request.method == 'POST' and 'email' in request.form:
global email
email = request.form['email']
cursor = MysqL.connection.cursor(MysqLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM accounts WHERE email = %s',(email,))
account = cursor.fetchone()
if account:
print(account)
token = (s.dumps([account]))
sender_email = 'email'
recipient = account['email']
password = 'password'
message = f"""
Your password reset link:
{url_for('reset_token',token=token,_external=True)}
"""
server = smtplib.SMTP('smtp.gmail.com',587)
server.starttls()
server.login(sender_email,password)
server.sendmail(sender_email,recipient,message)
else:
msg = 'Failed'
return render_template('reset.html',msg=msg)
@app.route("/reset_password/<token>",'POST'])
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('home'))
form2 = ResetPasswordForm()
if form2.validate_on_submit():
form2password = form2.confirm_password.data
cursor = MysqL.connection.cursor(MysqLdb.cursors.DictCursor)
sqlupdate = ('UPDATE accounts SET password = %s WHERE email = %s')
value = (form2password,email)
cursor.execute(sqlupdate,value)
MysqL.connection.commit()
flash('Your password has been updated! You are Now able to log in','success')
return redirect(url_for('login'))
return render_template('reset_token.html',title='Reset Password',form=form2)
我已经确认可以发送电子邮件并且可以更改密码。我面临的问题是,发送的电子邮件重置链接没有过期并且仍然可以使用,我不知道该如何解决。我看过在线示例和文档,但是它们非常模糊。
我希望密码重置链接在5分钟/ 300秒后失效。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)