refactor: split changes for api/controllers/web/forgot_password.py (#29858)

2026-05-05 01:48:04 +08:00 · 2025-12-24 10:41:51 +09:00
parent 0a448a13c8
commit 037b8ae9e2
2 changed files with 246 additions and 38 deletions
--- a/api/controllers/web/forgot_password.py
+++ b/api/controllers/web/forgot_password.py
@ -2,10 +2,12 @@ import base64
 import secrets

 from flask import request
-from flask_restx import Resource, reqparse
+from flask_restx import Resource
+from pydantic import BaseModel, Field, field_validator
 from sqlalchemy import select
 from sqlalchemy.orm import Session

+from controllers.common.schema import register_schema_models
 from controllers.console.auth.error import (
    AuthenticationFailedError,
    EmailCodeError,
@ -18,14 +20,40 @@ from controllers.console.error import EmailSendIpLimitError
 from controllers.console.wraps import email_password_login_enabled, only_edition_enterprise, setup_required
 from controllers.web import web_ns
 from extensions.ext_database import db
-from libs.helper import email, extract_remote_ip
+from libs.helper import EmailStr, extract_remote_ip
 from libs.password import hash_password, valid_password
 from models import Account
 from services.account_service import AccountService


+class ForgotPasswordSendPayload(BaseModel):
+    email: EmailStr
+    language: str | None = None
+
+
+class ForgotPasswordCheckPayload(BaseModel):
+    email: EmailStr
+    code: str
+    token: str = Field(min_length=1)
+
+
+class ForgotPasswordResetPayload(BaseModel):
+    token: str = Field(min_length=1)
+    new_password: str
+    password_confirm: str
+
+    @field_validator("new_password", "password_confirm")
+    @classmethod
+    def validate_password(cls, value: str) -> str:
+        return valid_password(value)
+
+
+register_schema_models(web_ns, ForgotPasswordSendPayload, ForgotPasswordCheckPayload, ForgotPasswordResetPayload)
+
+
@web_ns.route("/forgot-password")
 class ForgotPasswordSendEmailApi(Resource):
+    @web_ns.expect(web_ns.models[ForgotPasswordSendPayload.__name__])
    @only_edition_enterprise
    @setup_required
    @email_password_login_enabled
@ -40,35 +68,31 @@ class ForgotPasswordSendEmailApi(Resource):
        }
    )
    def post(self):
-        parser = (
-            reqparse.RequestParser()
-            .add_argument("email", type=email, required=True, location="json")
-            .add_argument("language", type=str, required=False, location="json")
-        )
-        args = parser.parse_args()
+        payload = ForgotPasswordSendPayload.model_validate(web_ns.payload or {})

        ip_address = extract_remote_ip(request)
        if AccountService.is_email_send_ip_limit(ip_address):
            raise EmailSendIpLimitError()

-        if args["language"] is not None and args["language"] == "zh-Hans":
+        if payload.language == "zh-Hans":
            language = "zh-Hans"
        else:
            language = "en-US"

        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=args["email"])).scalar_one_or_none()
+            account = session.execute(select(Account).filter_by(email=payload.email)).scalar_one_or_none()
        token = None
        if account is None:
            raise AuthenticationFailedError()
        else:
-            token = AccountService.send_reset_password_email(account=account, email=args["email"], language=language)
+            token = AccountService.send_reset_password_email(account=account, email=payload.email, language=language)

        return {"result": "success", "data": token}


@web_ns.route("/forgot-password/validity")
 class ForgotPasswordCheckApi(Resource):
+    @web_ns.expect(web_ns.models[ForgotPasswordCheckPayload.__name__])
    @only_edition_enterprise
    @setup_required
    @email_password_login_enabled
@ -78,45 +102,40 @@ class ForgotPasswordCheckApi(Resource):
        responses={200: "Token is valid", 400: "Bad request - invalid token format", 401: "Invalid or expired token"}
    )
    def post(self):
-        parser = (
-            reqparse.RequestParser()
-            .add_argument("email", type=str, required=True, location="json")
-            .add_argument("code", type=str, required=True, location="json")
-            .add_argument("token", type=str, required=True, nullable=False, location="json")
-        )
-        args = parser.parse_args()
+        payload = ForgotPasswordCheckPayload.model_validate(web_ns.payload or {})

-        user_email = args["email"]
+        user_email = payload.email

-        is_forgot_password_error_rate_limit = AccountService.is_forgot_password_error_rate_limit(args["email"])
+        is_forgot_password_error_rate_limit = AccountService.is_forgot_password_error_rate_limit(payload.email)
        if is_forgot_password_error_rate_limit:
            raise EmailPasswordResetLimitError()

-        token_data = AccountService.get_reset_password_data(args["token"])
+        token_data = AccountService.get_reset_password_data(payload.token)
        if token_data is None:
            raise InvalidTokenError()

        if user_email != token_data.get("email"):
            raise InvalidEmailError()

-        if args["code"] != token_data.get("code"):
-            AccountService.add_forgot_password_error_rate_limit(args["email"])
+        if payload.code != token_data.get("code"):
+            AccountService.add_forgot_password_error_rate_limit(payload.email)
            raise EmailCodeError()

        # Verified, revoke the first token
-        AccountService.revoke_reset_password_token(args["token"])
+        AccountService.revoke_reset_password_token(payload.token)

        # Refresh token data by generating a new token
        _, new_token = AccountService.generate_reset_password_token(
-            user_email, code=args["code"], additional_data={"phase": "reset"}
+            user_email, code=payload.code, additional_data={"phase": "reset"}
        )

-        AccountService.reset_forgot_password_error_rate_limit(args["email"])
+        AccountService.reset_forgot_password_error_rate_limit(payload.email)
        return {"is_valid": True, "email": token_data.get("email"), "token": new_token}


@web_ns.route("/forgot-password/resets")
 class ForgotPasswordResetApi(Resource):
+    @web_ns.expect(web_ns.models[ForgotPasswordResetPayload.__name__])
    @only_edition_enterprise
    @setup_required
    @email_password_login_enabled
@ -131,20 +150,14 @@ class ForgotPasswordResetApi(Resource):
        }
    )
    def post(self):
-        parser = (
-            reqparse.RequestParser()
-            .add_argument("token", type=str, required=True, nullable=False, location="json")
-            .add_argument("new_password", type=valid_password, required=True, nullable=False, location="json")
-            .add_argument("password_confirm", type=valid_password, required=True, nullable=False, location="json")
-        )
-        args = parser.parse_args()
+        payload = ForgotPasswordResetPayload.model_validate(web_ns.payload or {})

        # Validate passwords match
-        if args["new_password"] != args["password_confirm"]:
+        if payload.new_password != payload.password_confirm:
            raise PasswordMismatchError()

        # Validate token and get reset data
-        reset_data = AccountService.get_reset_password_data(args["token"])
+        reset_data = AccountService.get_reset_password_data(payload.token)
        if not reset_data:
            raise InvalidTokenError()
        # Must use token in reset phase
@ -152,11 +165,11 @@ class ForgotPasswordResetApi(Resource):
            raise InvalidTokenError()

        # Revoke token to prevent reuse
-        AccountService.revoke_reset_password_token(args["token"])
+        AccountService.revoke_reset_password_token(payload.token)

        # Generate secure salt and hash password
        salt = secrets.token_bytes(16)
-        password_hashed = hash_password(args["new_password"], salt)
+        password_hashed = hash_password(payload.new_password, salt)

        email = reset_data.get("email", "")

@ -170,7 +183,7 @@ class ForgotPasswordResetApi(Resource):

        return {"result": "success"}

-    def _update_existing_account(self, account, password_hashed, salt, session):
+    def _update_existing_account(self, account: Account, password_hashed, salt, session):
        # Update existing account credentials
        account.password = base64.b64encode(password_hashed).decode()
        account.password_salt = base64.b64encode(salt).decode()