def change_password():
form = ChangePasswordForm()
if form.validate_on_submit():
if current_user.vertify_password(form.old_password.data):
current_user.password = form.password.data
db.session.add(current_user)
flash('your password has been updated')
return redirect(url_for('main.index'))
else:
flash('Invalid password.')
return render_template('auth/change_password.html',form=form)
def change_email_request():
form = ChangeEmailForm()
if form.validate_on_submit():
if current_user.vertify_password(form.password.data):
new_email = form.email.data
token = current_user.generate_email_change_token(new_email)#此处是生成email_change_token
send_mail(new_email,'Confirm your new email','auth/email/change_email',user=current_user,token=token)
flash('an email with constructions to confirm your new email has been sent to you')
return redirect(url_for('main.index'))
else:
flash('Incorrect password')
return render_template('auth/change_email.html',form=form)
