fixed password reset
parent
79585c2d0e
commit
94514721bb
19
app.py
19
app.py
|
@ -238,23 +238,20 @@ def forgot_password():
|
|||
if request.method == "GET":
|
||||
return render_template("forgot_password.html")
|
||||
elif request.method == "POST":
|
||||
user_email = request.form["email"].strip()
|
||||
|
||||
if not (user_email and "." in user_email and "@" in user_email):
|
||||
flash("You must have a valid email!")
|
||||
return redirect(url_for('forgot_password'))
|
||||
|
||||
if not email.is_valid_email(user_email):
|
||||
flash("You're lying")
|
||||
username = request.form["username"].strip()
|
||||
if len(username) > 50 or not username:
|
||||
flash("You must have a username!")
|
||||
return redirect(url_for('forgot_password'))
|
||||
|
||||
try:
|
||||
user = User.get(User.email == user_email)
|
||||
user = User.get(User.username == username)
|
||||
user.password_reset_token = misc.generate_confirmation_key()
|
||||
user.password_reset_expired = datetime.today() + datetime.timedelta(days=1)
|
||||
email.send_password_reset_email(user.email, user.password_reset_token)
|
||||
flash("Forgot password email sent! Check your email.")
|
||||
return render_template("forgot_password.html")
|
||||
except User.DoesNotExist:
|
||||
flash("Email is not registered", "error")
|
||||
flash("Username is not registered", "error")
|
||||
return render_template("forgot_password.html")
|
||||
|
||||
@app.route('/reset_password/<password_reset_token>', methods=["GET", "POST"])
|
||||
|
@ -280,7 +277,7 @@ def reset_password(password_reset_token):
|
|||
return redirect(url_for("forgot_password"))
|
||||
|
||||
user.setPassword(password)
|
||||
user.password_reset_token = null
|
||||
user.password_reset_token = None
|
||||
flash("Password successfully reset")
|
||||
return redirect(url_for("login"))
|
||||
except User.DoesNotExist:
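Review bot: The new `flash("Username is not registered", "error")` branch in forgot_password answers differently for known and unknown usernames, so the form confirms which accounts exist; both outcomes should flash the same text, for example `flash("If that account exists, a reset email has been sent.")`. In the same try block, `datetime.today() + datetime.timedelta(days=1)` cannot work under a single binding of `datetime` (the module has no `today()`, the class has no `timedelta`), so the expiry line probably raises for existing users, though the import is outside the hunk. No `user.save()` is visible after the token and expiry are assigned, nor after `user.password_reset_token = None` in reset_password; unless the User model persists attributes on assignment, the cleared token is never written back and a used reset link stays valid, which is worth confirming against the model. Both function bodies start or end outside the hunks shown.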
|
||||
|
|
|
@ -7,12 +7,13 @@
|
|||
<div class="form-title blue-text">Forgot Password</div>
|
||||
<form method="POST">
|
||||
<div class="input-field">
|
||||
<input required id="email" name="email" type="email" />
|
||||
<label for="email">Email</label>
|
||||
<input required id="username" name="username" type="text" />
|
||||
<label for="username">Username</label>
|
||||
</div>
|
||||
<div class="row no-bot">
|
||||
<button class="btn waves-effect waves-light right" type="submit">Login</button>
|
||||
<button class="btn waves-effect waves-light right" type="submit">Reset Password</button>
|
||||
</div>
|
||||
<input name="_csrf_token" type="hidden" value="{{ csrf_token() }}" />
|
||||
</form>
|
||||
</div>
|
||||
{% endblock %}
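Review bot: The new `username` input has no length limit, while forgot_password rejects names longer than 50 characters with the message "You must have a username!", which does not tell the user what went wrong. Adding `maxlength="50"` to the input keeps the form in step with the server check, which remains the authoritative one. The path of this template is not visible on the page.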
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
<div class="row no-bot">
|
||||
<button class="btn waves-effect waves-light right" type="submit">Login</button>
|
||||
</div>
|
||||
<input name="_csrf_token" type="hidden" value="{{ csrf_token() }}" />
|
||||
</form>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
|