octicon-mirror(24/)
python/fastapi-users
octicon-rss(16/)
1
0
octicon-repo-forked(16/)Fork 0
mirror of https://github.com/fastapi-users/fastapi-users.git synced 2025-11-10 02:05:41 +08:00
octicon-code(16/) Code octicon-issue-opened(16/) Issues octicon-package(16/) Packages octicon-project(16/) Projects octicon-tag(16/) Releases octicon-book(16/) Wiki octicon-pulse(16/) Activity
Files
octicon-git-commit(16/) 531fdeed2de531042dcdcd83004b7236a03e761c octicon-triangle-down(14/dropdown icon)
fastapi-users/docs/configuration/routers/reset.md
François Voron 7721f8dcc1 Revamp authentication routes structure (#201) 
* Fix #68: use makefun to generate dynamic dependencies

* Remove every Starlette imports

* Split every routers and remove event handlers

* Make users router optional

* Pass after_update handler to get_users_router

* Update documentation

* Remove test file

* Write migration doc for splitted routers
2020-05-24 10:18:01 +02:00

1.7 KiB
octicon-code(15/) octicon-file(15/)
Raw Blame History
octicon-download(16/) octicon-copy(16/) octicon-rss(16/)

Reset password router

The reset password router will generate /forgot-password (the user asks for a token to reset its password) and /reset-password (the user changes its password given the token) routes.

Check the routes usage to learn how to use them.

Setup

from fastapi import FastAPI
from fastapi_users import FastAPIUsers

fastapi_users = FastAPIUsers(
    user_db,
    auth_backends,
    User,
    UserCreate,
    UserUpdate,
    UserDB,
)

app = FastAPI()
app.include_router(
    fastapi_users.get_reset_password_router("SECRET"),
    prefix="/auth",
    tags=["auth"],
)

Parameters:

  • reset_password_token_secret: Secret to encode reset password token.
  • reset_password_token_lifetime_seconds: Lifetime of reset password token. Defaults to 3600.
  • after_forgot_password: Optional function called after a successful forgot password request. See below.

After forgot password

You can provide a custom function to be called after a successful forgot password request. It is called with three arguments:

  • The user which has requested to reset their password.
  • A ready-to-use JWT token that will be accepted by the reset password route.
  • The original Request object.

Typically, you'll want to send an e-mail with the link (and the token) that allows the user to reset their password.

You can define it as an async or standard method.

Example:

def on_after_forgot_password(user: UserDB, token: str, request: Request):
    print(f"User {user.id} has forgot their password. Reset token: {token}")

app.include_router(
    fastapi_users.get_reset_password_router("SECRET", after_forgot_password=on_after_forgot_password),
    prefix="/auth",
    tags=["auth"],
)
Reference in New Issue View Git Blame Copy Permalink