URLS:urlpatterns = [ url('^activate/', views.ActivateAccountView.as_vie

1. URLS:
2.  
3. urlpatterns = [
4.     url('^activate/', views.ActivateAccountView.as_view(), name='activate_account'),
5.     url('^password_reset_email/', views.PasswordResetSendLinkView.as_view(), name='password_reset_email'),
6.     url('^password_reset_token/', views.PasswordResetReceiveTokenView.as_view(), name='password_reset_token'),
7.     url('^reset_password/', views.PasswordResetView.as_view(), name='reset_password'),
8. ]
9.  
10. VIEWS:
11. class PasswordResetSendLinkView(APIView):
12.     def post(self, request):
13.         serialized = PasswordResetSendLinkSerializer(data=request.data)
14.         if not serialized.is_valid():
15.             return Response(serialized.errors, status=401)
16.  
17.         user = serialized.instance
18.  
19.         password_reset_token = str(uuid.uuid4())
20.         PasswordResetToken.objects.get_or_create(user=user, token=password_reset_token)
21.  
22.         send_html_email(
23.             subject='Workeo password reset',
24.             template_name='user/password_reset.html',
25.             context={'password_reset_token': password_reset_token},
26.             to_list=[user.email])
27.  
28.         return Response('Password reset email sent.')
29.  
30. class PasswordResetReceiveTokenView(APIView):
31.     def post(self, request):
32.         password_reset_token = request.query_params.get('token')
33.         if not password_reset_token:
34.             return Response('Missing account activation token.')
35.         else:
36.             password_reset_token_object = PasswordResetToken.objects.filter(token=password_reset_token).first()
37.             if not password_reset_token_object:
38.                 return Response('Invalid account activation token.')
39.             elif password_reset_token_object.created + 2 > datetime.now():
40.                 password_reset_token = str(uuid.uuid4())
41.                 user = password_reset_token_object.user
42.                 PasswordResetToken.objects.get_or_create(user=user, token=password_reset_token)
43.                 send_html_email(
44.                     subject='Workeo password reset',
45.                     template_name='user/password_reset.html',
46.                     context={'password_reset_token': password_reset_token},
47.                     to_list=[user.email])
48.  
49.                 password_reset_token_object.delete()
50.                 return Response('This password reset link is out of date.'
51.                                 'We have sent a new password reset link to your registered email address'
52.                                 'that will be active for two days.')
53.             else:
54.                 return HttpResponseRedirect(redirect_to='https://app.workeo.co/password_reset/')
55.  
56. class PasswordResetView(APIView):
57.     def post(self, request):
58.         serialized = PasswordResetSerializer(data=request.data)
59.         if not serialized.is_valid():
60.             return Response(serialized.errors, status=400)
61.  
62.         user = serialized.instance
63.  
64.         Token.objects.get(user=user).delete()
65.         new_token, __ = Token.objects.get_or_create(user=user)
66.  
67.         response = {'token': new_token.key,
68.                     'user': UserSerializer(user).data}
69.         if user.type == 'client':
70.             response['client'] = ClientReturnSerializer(user.client).data
71.         if user.type == 'candidate':
72.             response['candidate'] = CandidateReturnSerializer(user.candidate).data
73.         return Response(response)
74.  
75. SRIALIZERS:
76.  
77. class PasswordResetSendLinkSerializer(serializers.ModelSerializer):
78.     email = serializers.EmailField(max_length=255)
79.  
80.     class Meta:
81.         model = User
82.         fields = ['email']
83.  
84.     def validate(self, data):
85.         errors = {}
86.         try:
87.             self.instance = User.objects.get(email=data.get('email'))
88.         except User.DoesNotExist:
89.             errors['email'] = ['User with given email does not exist.']
90.             raise serializers.ValidationError(errors)
91.         return super().validate(data)
92.  
93.  
94. class PasswordResetSerializer(serializers.ModelSerializer):
95.     email = serializers.EmailField(max_length=255)
96.  
97.     class Meta:
98.         model = User
99.         fields = ['email', 'password']
100.  
101.     def validate(self, data):
102.         errors = {}
103.         try:
104.             self.instance = User.objects.get(email=data.get('email'))
105.         except User.DoesNotExist:
106.             errors['email'] = ['User with given email does not exist.']
107.             raise serializers.ValidationError(errors)
108.  
109.         if 'password' in data.keys():
110.             password = data.get('password')
111.         else:
112.             errors['password'] = ['You must provide a new password.']
113.             raise serializers.ValidationError(errors)
114.  
115.         if errors:
116.             raise serializers.ValidationError(errors)
117.  
118.         data['password'] = make_password(password)
119.         return super().validate(data)