def change_email_request():
form = ChangeEmailForm()
if form.validate_on_submit():
if current_user.verify_password(form.password.data):
new_email = form.email.data.lower()
token = current_user.generate_email_change_token(new_email)
send_email(new_email, 'Confirm your email address', 'auth/email/change_email', user=current_user,
token=token, current_time=datetime.now(tz.gettz('CST')).strftime("%B %d, %Y %H:%M CST"))
flash('An email with instructions to confirm your new email address has been sent to ' + new_email + '.',
'alert-info')
return redirect(url_for('main.index'))
else:
flash('Invalid email or password.', 'alert_danger')
return render_template('auth/change_email.html', form=form)
def password_reset_request():
if not current_user.is_anonymous:
flash("Since you know your current password, you don't need to reset it. You can change it directly.",
'alert-info')
return redirect(url_for('auth.change_password'))
form = PasswordResetRequestForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = user.generate_reset_token()
send_email(user.email, 'Reset Your Password', 'auth/email/reset_password', user=user, token=token,
current_time=datetime.now(tz.gettz('CST')).strftime("%B %d, %Y %H:%M CST"))
flash('An email with instructions to reset your password has been sent to you.', 'alert-primary')
return redirect(url_for('auth.login'))
return render_template('auth/reset_password.html', form=form)
def tow_factor_reset_request():
if not current_user.is_anonymous:
flash("Since you have access to your 2FA, you don't need to reset it. You can change it directly.",
'alert-info')
return redirect(url_for('auth.change_two_factor'))
form = TwoFactorResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.verify_password(form.password.data):
token = user.generate_two_factor_reset_token()
send_email(user.email, 'Reset Your 2FA', 'auth/email/reset_two_factor', user=user, token=token,
current_time=datetime.now(tz.gettz('CST')).strftime("%B %d, %Y %H:%M CST"))
flash('An email with instructions to reset your 2FA has been sent to you.', 'alert-primary')
flash('Invalid email or password.', 'alert-danger')
return render_template('auth/reset_tow_factor.html', form=form)
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User(
email=form.email.data.lower(),
name=form.name.data,
password=form.password.data,
gender=Gender.query.get(form.gender.data)
)
token = user.generate_confirmation_token()
send_email(user.email, 'Confirm Your Account', 'auth/email/confirm', user=user, token=token,
current_time=datetime.now(tz.gettz('CST')).strftime("%B %d, %Y %H:%M CST"))
flash('A confirmation email has been sent to you by email.', 'alert-primary')
db.session.add(user)
db.session.commit()
# Redirect to the two-factor auth page, passing username in session
# Do NOT put user_id into the session, in case you wanna log the user in.
session['email'] = user.email
return redirect(url_for('auth.two_factor_setup'))
return render_template('auth/register.html', form=form)
def resend_confirmation():
token = current_user.generate_confirmation_token()
send_email(current_user.email, 'Confirm Your Account', 'auth/email/confirm', user=current_user, token=token,
current_time=datetime.now(tz.gettz('CST')).strftime("%B %d, %Y %H:%M CST"))
flash('A new confirmation email has been sent to you by email.', 'alert-primary')
return redirect(url_for('main.index'))