def reset_password(email_address_hash): 

    top_nav = get_top_nav()

    errors = []
    success = False
    show_form = True

    try: 
        user = User.objects.filter(email_address_hash = email_address_hash)[0]
        if not user.password_reset_expiration or datetime.now() > user.password_reset_expiration: raise
    except:
        errors.append("No password reset request found.")
        show_form = False

    if not errors and request.method == 'POST':    
        password = request.form.get("password", None)
        confirm_password = request.form.get("confirm_password", None)

        if not password:
            errors.append("Please provide a password.")
        elif not utils.validate_password(password):
            errors.append("Password should be at least 8 characters and contain a letter and number.")
        elif password != confirm_password:
            errors.append("Confirm password should match the password.")

        if not errors:
            success = True
            show_form = False
            user.password = password
            user.password_reset_expiration = None
            user.save()

    return render_template('user/reset_password.html', **locals())
    def edit_profile(self, email_address, **kwargs):
        try:
            if not email_address: raise Exception, 'Email address cannot be empty.'

            user = None
            new_password = request.json.get('new_password', None)
            if new_password:
                old_password = request.json.get('old_password', None)
                if not old_password: raise Exception, 'Old password cannot be empty if you want to change your password.'

                if not utils.validate_password(new_password): raise Exception, 'Invalid new password.'
                
                try: user = User.objects.filter(email_address=email_address.lower(), password=old_password)[0]
                except: raise Exception, 'Invalid user.'

                user.password = new_password 
                user.last_password_change = datetime.now()

            if not user: 
                try: user = User.objects.filter(email_address=email_address.lower())[0]
                except: raise Exception, 'Invalid user.'

            user.push_notifications = bool(request.json.get('push_notifications', user.push_notifications))
            user.email = bool(request.json.get('email', user.email))
            user.badge = bool(request.json.get('badge', user.badge))
            if request.json.get('ua_ids', None): 
                ua_ids = request.json['ua_ids']
                if not isinstance(ua_ids, (list, tuple)): ua_ids = [ua_ids]
                user.ua_ids = ua_ids

            user.save()

            data = {
                'status': 'success'
            }
        except Exception, e:
            data = {
                'status': 'failure',
                'reason': str(e)
            }
    def create(self, **kwargs):
        try:
            email_address = request.json.get('email_address', None)
            if not email_address: raise Exception, 'Email address cannot be empty.'

            password = request.json.get('password', None)
            if not password: raise Exception, 'Password cannot be empty.'

            if not utils.validate_password(password): raise Exception, 'Invalid password.'

            if User.exists(email_address): raise Exception, 'An account for this email address already exists.'

            User.objects.create(email_address=email_address, password=password)
            #TODO Kicks off the account validation flow, sending an email to the user.  
            #This must be completed before any alerts will be sent to the mobile device or the email address.
            data = {
                'status': 'success'
            }
        except Exception, e:
            data = {
                'status': 'failure',
                'reason': str(e)
            }