flask 带时效令牌验证(flask 92)

data = {'id': user.id, 'operation': operation}
data.update(**kwargs)
return s.dumps(data)

try:
    data = s.loads(token)
except (SignatureExpired, BadSignature):
    return False

if operation != data.get('operation') or user.id != data.get('id'):
    return False

if operation == Operations.CONFIRM:
    user.confirmed = True
elif operation == Operations.RESET_PASSWORD:
    user.set_password(new_password)
elif operation == Operations.CHANGE_EMAIL:
    new_email = data.get('new_email')
    if new_email is None:
        return False
    if User.query.filter_by(email=new_email).first() is not None:
        return False
    user.email = new_email
else:
    return False

db.session.commit()
return True

if validate_token(user=current_user, token=token, operation=Operations.CONFIRM):
    flash('Account confirmed.', 'success')
    return redirect(url_for('main.index'))