We use the password reset email pattern to let users safely replace a forgotten password. The application emails the user a signed, time-limited link, so only someone with access to that mailbox can set a new password.
Password reset email pattern in Flask
Introduction
Use this pattern when a user forgets their password and needs to set a new one.
Use it when you want to verify that the user controls the registered email address before the password is changed.
Use it to give users a smooth way to regain access without contacting support.
Syntax
Flask
```python
from flask import Flask
from itsdangerous import URLSafeTimedSerializer, BadSignature, SignatureExpired

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your-secret-key'  # placeholder: use a long random value loaded from the environment
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])

def generate_reset_token(email):
    # Signs the email together with a timestamp; the salt namespaces reset tokens
    return serializer.dumps(email, salt='password-reset-salt')

def verify_reset_token(token, expiration=3600):
    # Returns the email if the signature is valid and the token is younger than `expiration` seconds
    try:
        email = serializer.loads(token, salt='password-reset-salt', max_age=expiration)
    except (SignatureExpired, BadSignature):
        return None
    return email
```
The URLSafeTimedSerializer signs the email with SECRET_KEY and embeds a timestamp; loads() rejects the token once it is older than max_age (3600 seconds here) or its signature does not match.
Use the same salt value when generating and verifying tokens. The salt separates reset tokens from any other tokens signed with the same key (such as email confirmation tokens), so one kind cannot be replayed as the other.
Examples
This creates a token for the email 'user@example.com'.
Flask
```python
token = generate_reset_token('user@example.com')
print(token)
```
This checks if the token is still valid and prints the email if it is.
Flask
```python
email = verify_reset_token(token)
if email:
    print(f'Token valid for {email}')
else:
    print('Token invalid or expired')
```
Sample Program
This program creates a reset token for a user email, prints a reset link with the token, then simulates verifying the token when the user clicks the link.
Flask
```python
from flask import Flask
from itsdangerous import URLSafeTimedSerializer, BadSignature, SignatureExpired

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your-secret-key'  # placeholder: use a long random value kept out of source control
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])

def generate_reset_token(email):
    return serializer.dumps(email, salt='password-reset-salt')

def verify_reset_token(token, expiration=3600):
    try:
        email = serializer.loads(token, salt='password-reset-salt', max_age=expiration)
    except (SignatureExpired, BadSignature):
        return None
    return email

# Simulate sending the reset email
user_email = 'user@example.com'
token = generate_reset_token(user_email)
print(f'Reset link: http://example.com/reset_password/{token}')

# Simulate the user clicking the link later
received_token = token
verified_email = verify_reset_token(received_token)
if verified_email:
    print(f'Token valid for {verified_email}')
else:
    print('Token invalid or expired')
```
Output
The program prints the reset link containing the freshly generated token and then, because the token is verified immediately and has not expired, Token valid for user@example.com.
Important Notes
Always keep your SECRET_KEY safe and secret.
Tokens should expire to prevent misuse.
Send the reset link only to the registered address over a secure email channel, and keep the token out of places where it could leak, such as public URLs, logs, or referrer headers.
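The notes above say tokens should expire, but a URLSafeTimedSerializer token stays valid for the whole max_age window even after the password has been changed, so the same link can be used more than once. The following added example (not from the original page) shows one defence: bind the token to a fingerprint of the user's current password hash, so changing the password invalidates every outstanding token. It uses only the standard library (hmac, base64, json) as a stand-in for itsdangerous; the USERS table, the secret and the hash strings are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET_KEY = b"constructed-example-secret"  # placeholder: load from the environment in practice
SALT = b"password-reset-salt"
_KEY = hashlib.sha256(SALT + SECRET_KEY).digest()  # signing key derived from salt + secret

# Constructed user store: email -> current password hash (placeholder strings)
USERS = {"user@example.com": "pbkdf2$constructed-old-hash"}

def _fingerprint(password_hash):
    # Short digest of the stored hash; it changes whenever the password changes
    return hashlib.sha256(password_hash.encode()).hexdigest()[:16]

def generate_reset_token(email, now=None):
    payload = json.dumps({"e": email, "fp": _fingerprint(USERS[email]),
                          "t": int(now or time.time())}).encode()
    mac = hmac.new(_KEY, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload + mac).decode()

def verify_reset_token(token, expiration=3600, now=None):
    """Return the email if the token is authentic, unexpired and unspent, else None."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
    except ValueError:
        return None  # not valid base64 (binascii.Error is a ValueError)
    payload, mac = raw[:-32], raw[-32:]
    if not hmac.compare_digest(mac, hmac.new(_KEY, payload, hashlib.sha256).digest()):
        return None  # forged, tampered with, or signed under a different key
    data = json.loads(payload)
    if int(now or time.time()) - data["t"] > expiration:
        return None  # older than `expiration` seconds
    current = USERS.get(data["e"])
    if current is None or not hmac.compare_digest(_fingerprint(current), data["fp"]):
        return None  # user gone or password already changed: token is spent
    return data["e"]

def reset_password(token, new_hash, now=None):
    email = verify_reset_token(token, now=now)
    if email is None:
        return False
    USERS[email] = new_hash  # every outstanding token for this user now fails the fingerprint check
    return True
```

The `now` parameter exists only so expiry can be exercised deterministically; in a request handler leave it unset.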
Summary
The password reset email pattern helps users safely reset forgotten passwords.
It uses a token that expires to verify the user's identity.
Flask with itsdangerous makes creating and checking tokens easy.