Python for Entrepreneurs Transcripts
Chapter: Sending and receiving email
Lecture: Concept: Password resets

Login or purchase this course to watch this video and the rest of the course contents.
0:02 Now that you've seen password resets in action,
0:05 let's review the fundamental data structure that was central to this whole process,
0:09 so here is our PasswordReset class, which maps to our PasswordReset table
0:14 via the __tablename__, and you can see that our id was created
0:19 with the intention of making this not easy to guess,
0:23 remember, that was one of our keys to a good reset process was that
0:26 it's not reset one, reset two, but it's a big hard to guess
0:31 more or less randomly generated thing,
0:34 so our default value for a lambda here does that.
0:37 we want to store the created_date and we just do that with the default value as well,
0:41 but we need that created_date so that we can expire these
0:44 after certain amount of time, in our demo we choose one day.
0:48 And then finally, we need to be able to use up the reset code,
0:52 so we have a used_date so we know when it was used,
0:55 just to keep it simple as a boolean, we have a was_used,
0:58 our used ip address actually had two vales,
1:00 in the beginning it was the ip address used to create the reset code,
1:04 and then in the end, we overwrote that value with the actual ip address
1:08 used to apply that code to the account.
1:12 Maybe I should have two separate fields
1:15 created_by_ip_address used_by_ip_address,
1:19 it's up to you, how you want to store that.
1:22 And finally, this password reset needs to apply to a particular user,
1:26 and we make that link by them providing their email address,
1:31 we can then look up the account, we don't let them log in but we do grab the id
1:34 and associate it here so if they actually own that address they can go to their email
1:38 which we sent this code to them, the id basically, in their email they click it,
1:43 they come back and then they can set that code for that user.
1:47 Alright, that's it for password resets, there is kind of a lot of small little steps,
1:51 but you can grab the most of the code from GitHub and just adapt it to your purpose.