Added reset token check route

Seluj78 · Seluj78 · commit 295dfa24c653 · 2020-09-18T09:13:06.000+02:00
diff --git a/backend/PyMatcha/routes/api/auth/password.py b/backend/PyMatcha/routes/api/auth/password.py
@@ -97,3 +97,20 @@ def reset_password():
         u.save()
         current_app.logger.debug("/auth/password/reset -> Password reset successfully")
         return Success("Password reset successful.")
+
+
+@auth_password_bp.route("/auth/password/check_token", methods=["POST"])
+@validate_params({"token": str})
+def check_token_validity():
+    data = request.get_json()
+    try:
+        confirm_token(data["token"], expiration=7200)
+    except (SignatureExpired, BadSignature) as e:
+        if e == SignatureExpired:
+            current_app.logger.debug("/auth/password/reset -> Signature Expired")
+            raise BadRequestError("Signature Expired.", "Request another password reset and try again.")
+        else:
+            current_app.logger.debug("/auth/password/reset -> Bad Signature")
+            raise BadRequestError("Bad Signature.", "Request another password reset and try again.")
+    else:
+        return Success("Reset token is correct")
diff --git a/backend/schemas/swagger.yaml b/backend/schemas/swagger.yaml
@@ -959,6 +959,43 @@ paths:
                   message:
                     type: string
                     example: Password reset successful.
+  /auth/password/check_token:
+    post:
+      summary: Check the token validity
+      operationId: checkToken
+      tags:
+        - Authentication
+      requestBody:
+        description: Parameters to test the token
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                token:
+                  type: string
+                  required: true
+                    example: qwERg3rtyhog23mrweof5ngib4j3ktnrvwefqjskldnakms
+      responses:
+        "400":
+          $ref: '#/components/responses/BadRequest'
+        "200":
+          description: Success
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  code:
+                    type: string
+                    example: 200
+                  success:
+                    type: boolean
+                    example: true
+                  message:
+                    type: string
+                    example: Reset token is correct.
 
 
 servers:
