diff --git a/app/models.py b/app/models.py
index 9c8327ba4a14e6ee2ca371615c930f4d89ff1276..05a5484a64dfc8770528e17429054dc30c20ba94 100644
--- a/app/models.py
+++ b/app/models.py
@@ -1,6 +1,6 @@
from flask import current_app
from flask_login import UserMixin, AnonymousUserMixin
-from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
+from itsdangerous import BadSignature, TimedJSONWebSignatureSerializer
from werkzeug.security import generate_password_hash, check_password_hash
from . import db
from . import login_manager
@@ -22,8 +22,8 @@ class Permission:
class Role(db.Model):
"""
- Model for the different roles Users can have. Is a one-to-many relationship.
- A Role can be associated with many User rows.
+ Model for the different roles Users can have. Is a one-to-many
+ relationship. A Role can be associated with many User rows.
"""
__tablename__ = 'roles'
# Primary key
@@ -136,24 +136,26 @@ class User(UserMixin, db.Model):
"""
Generates a confirmation token for user confirmation via email.
"""
- s = Serializer(current_app.config['SECRET_KEY'], expiration)
+ s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'],
+ expiration)
return s.dumps({'confirm': self.id}).decode('utf-8')
def generate_reset_token(self, expiration=3600):
"""
Generates a reset token for password reset via email.
"""
- s = Serializer(current_app.config['SECRET_KEY'], expiration)
+ s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'],
+ expiration)
return s.dumps({'reset': self.id}).decode('utf-8')
def confirm(self, token):
"""
Confirms User if the given token is valid and not expired.
"""
- s = Serializer(current_app.config['SECRET_KEY'])
+ s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token.encode('utf-8'))
- except:
+ except BadSignature:
return False
if data.get('confirm') != self.id:
return False
@@ -166,10 +168,10 @@ class User(UserMixin, db.Model):
"""
Resets password for User if the given token is valid and not expired.
"""
- s = Serializer(current_app.config['SECRET_KEY'])
+ s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token.encode('utf-8'))
- except:
+ except BadSignature:
return False
user = User.query.get(data.get('reset'))
if user is None:
@@ -291,6 +293,7 @@ class Corpus(db.Model):
'title': self.title,
'user_id': self.user_id}
+
'''
' Flask-Login is told to use the application’s custom anonymous user by setting
' its class in the login_manager.anonymous_user attribute.
diff --git a/config.py b/config.py
index 65731c51df363a8bfe49b8975ccb5233ad2cd6c8..b52da6e2232e7a7c4f9586995a840584e1703065 100644
--- a/config.py
+++ b/config.py
@@ -33,7 +33,8 @@ class Config:
class DevelopmentConfig(Config):
DEBUG = True
- SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'data_dev.sqlite')
+ SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir,
+ 'data_dev.sqlite')
class TestingConfig(Config):
diff --git a/requirements.txt b/requirements.txt
index 55702c7337f8c32ba008e6ad185de691abdc165d..24417764e218c19e970a14447602c5815fd00286 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,12 +1,12 @@
-docker==4.0.2
-eventlet==0.25.0
-Flask==1.0.3
-Flask-APScheduler==1.11.0
-Flask-Login==0.4.1
-Flask-Mail==0.9.1
-Flask-Migrate==2.5.2
-Flask-SocketIO==4.2.1
-Flask-SQLAlchemy==2.4.0
-Flask-Table==0.5.0
-Flask-WTF==0.14.2
-python-dotenv==0.10.3
+docker
+eventlet
+Flask
+Flask-APScheduler
+Flask-Login
+Flask-Mail
+Flask-Migrate
+Flask-SocketIO
+Flask-SQLAlchemy
+Flask-Table
+Flask-WTF
+python-dotenv