Codestyle and new python package versions.

2025-11-03 20:02:47 +00:00 · 2019-08-22 09:33:34 +02:00
parent bfe28eca61
commit 19f60cfd0f
3 changed files with 26 additions and 22 deletions
--- a/app/models.py
+++ b/app/models.py
@@ -1,6 +1,6 @@
 from flask import current_app
 from flask_login import UserMixin, AnonymousUserMixin
-from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
+from itsdangerous import BadSignature, TimedJSONWebSignatureSerializer
 from werkzeug.security import generate_password_hash, check_password_hash
 from . import db
 from . import login_manager
@@ -22,8 +22,8 @@ class Permission:

 class Role(db.Model):
    """
-    Model for the different roles Users can have. Is a one-to-many relationship.
-    A Role can be associated with many User rows.
+    Model for the different roles Users can have. Is a one-to-many
+    relationship. A Role can be associated with many User rows.
    """
    __tablename__ = 'roles'
    # Primary key
@@ -136,24 +136,26 @@ class User(UserMixin, db.Model):
        """
        Generates a confirmation token for user confirmation via email.
        """
-        s = Serializer(current_app.config['SECRET_KEY'], expiration)
+        s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'],
+                                            expiration)
        return s.dumps({'confirm': self.id}).decode('utf-8')

    def generate_reset_token(self, expiration=3600):
        """
        Generates a reset token for password reset via email.
        """
-        s = Serializer(current_app.config['SECRET_KEY'], expiration)
+        s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'],
+                                            expiration)
        return s.dumps({'reset': self.id}).decode('utf-8')

    def confirm(self, token):
        """
        Confirms User if the given token is valid and not expired.
        """
-        s = Serializer(current_app.config['SECRET_KEY'])
+        s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
        try:
            data = s.loads(token.encode('utf-8'))
-        except:
+        except BadSignature:
            return False
        if data.get('confirm') != self.id:
            return False
@@ -166,10 +168,10 @@ class User(UserMixin, db.Model):
        """
        Resets password for User if the given token is valid and not expired.
        """
-        s = Serializer(current_app.config['SECRET_KEY'])
+        s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
        try:
            data = s.loads(token.encode('utf-8'))
-        except:
+        except BadSignature:
            return False
        user = User.query.get(data.get('reset'))
        if user is None:
@@ -291,6 +293,7 @@ class Corpus(db.Model):
                'title': self.title,
                'user_id': self.user_id}

+
 '''
 ' Flask-Login is told to use the application’s custom anonymous user by setting
 ' its class in the login_manager.anonymous_user attribute.