password reset

models.py

@@ -447,6 +447,25 @@ class PasswordSetupToken(db.Model):
     def __repr__(self):
         return f'<PasswordSetupToken {self.token}>'
 
+class PasswordResetToken(db.Model):
+    __tablename__ = 'password_reset_tokens'
+    id = db.Column(db.Integer, primary_key=True)
+    user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
+    token = db.Column(db.String(100), unique=True, nullable=False)
+    created_at = db.Column(db.DateTime, default=datetime.utcnow)
+    expires_at = db.Column(db.DateTime, nullable=False)
+    used = db.Column(db.Boolean, default=False)
+    ip_address = db.Column(db.String(45))  # Store IP address for security
+    
+    # Relationships
+    user = db.relationship('User', backref=db.backref('password_reset_tokens', cascade='all, delete-orphan'))
+
+    def is_valid(self):
+        return not self.used and datetime.utcnow() < self.expires_at
+
+    def __repr__(self):
+        return f'<PasswordResetToken {self.token}>'
+
 def user_has_permission(room, perm_name):
     """
     Check if the current user has a specific permission in a room.