def reset_password(token):
    """
    Description
    -----------
    Serve the password reset page that belongs to a reset token and store
    the new password once the submitted form validates.

    Params
    ------
    :token: str
        The string representation of a JSON web token.

    Return
    ------
    A redirect to `index` when the visitor is already signed in or when
    `User.verify_password_reset_token` yields no user, a redirect to `login`
    after a successful reset, otherwise the rendered `reset_password.html`
    Jinja2 template (the original docstring places this view under the
    `/reset_password/<token>` path).
    """
    # Built once and shared by both rejection paths below.
    fallback = redirect(url_for('index'))

    # Signed-in users have no use for the forgotten-password flow.
    if current_user.is_authenticated:
        return fallback

    # The token is checked before any form is shown or processed, so an
    # unverified request never reaches the password update.
    account = User.verify_password_reset_token(token)
    if not account:
        return fallback

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template(
            'reset_password.html',
            form=form,
            header='Pick a new password since you forgot the other one.',
            footer='We all forget sometimes.')

    account.set_password(form.password.data)
    account.last_modified_at = time()
    db.session.commit()
    flash('Your password has been successfully reset.')
    return redirect(url_for('login'))
def reset_password():
    """Show the password reset form and acknowledge a valid submission.

    This handler is a stub: on a valid submission it only flashes a success
    message and redirects to `login`. No password is changed here.
    """
    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('web/auth/reset_password.html',
                               title='Reset Password', form=form)

    # reset password logic
    # NOTE(review): nothing is persisted yet and this view receives no reset
    # token -- the real logic must establish whose password is being changed
    # before it reports success.
    flash(f'Password reset successful!', 'success')
    return redirect(url_for('login'))
def password_reset_token(token):
    """Show the set-new-password form for a valid reset token.

    Signed-in users are redirected to `home`. A token for which
    `User.verify_password_reset_token` returns None produces a warning flash
    and a redirect to `password_reset`. Handling of a valid POST is still a
    placeholder, so every other request re-renders the form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    account = User.verify_password_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('password_reset'))

    form = PasswordResetForm()
    submitted = request.method == 'POST' and form.validate_on_submit()
    if submitted:
        # Placeholder: the password update has not been written yet.
        pass
    return render_template('password_reset_token.html', form=form)
def reset_password(token):
    """Set a new password for the user identified by a reset token.

    The token is only resolved once the form validates, so a GET request
    renders `reset_password.html` for any token value. After a valid
    submission the visitor is redirected to `main.index` whether or not the
    update succeeded; the flashed message tells the two outcomes apart.
    """
    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    account = User.load_user_from_token(token)
    if account is None:
        flash('Failed to update your password: token expired or was incorrect, or account was deleted')
    else:
        # NOTE(review): assumes the model's `password` setter hashes the
        # value before it is stored -- confirm against the User model.
        account.password = form.password.data
        account.save()
        flash('Your password has been updated.')
    return redirect(url_for('main.index'))
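def reset_password(token=None):
    """Check a signed reset token and store the password submitted with it.

    Every outcome is a JSON response:

    * 401 -- the token is missing, fails verification (`BadSignature`) or
      has expired (`SignatureExpired`).
    * 422 -- the form did not validate; the body carries `form.errors`.
    * 404 -- the token is valid but no user has the e-mail it carries.
    * 200 -- the new password was hashed with `user.hash_password` and
      committed.

    :param token: signed value whose payload is read as a mapping with an
        `email` key.
    """
    def reply(payload, status):
        # Every branch answers with JSON plus an explicit status code.
        response = jsonify(payload)
        response.status_code = status
        return response

    # Reject a missing token explicitly instead of depending on how the
    # serializer reacts to None (the parameter defaults to None).
    if not token:
        return reply({"error": "Nice try.."}, 401)

    s = Serializer(app.config['SECRET_KEY'])

    # check if the token is a valid one and return a useful message
    try:
        data = s.loads(token)
    except SignatureExpired:
        # valid token, but expired
        return reply(
            {"error": "Your link expired, request another and use that!"},
            401)
    except BadSignature:
        # invalid token
        return reply({"error": "Nice try.."}, 401)

    # if we're here, we've found that the token is valid
    form = PasswordResetForm()
    email = data['email']

    # the form wasn't properly submitted, return error messages
    if not form.validate_on_submit():
        return reply({"error": form.errors}, 422)

    # ensure the user from the token exists; the account may have been
    # removed after the link was issued, and `.first()` then returns None.
    user = User.query.filter_by(email=email).first()
    if user is None:
        return reply({"error": "No account matches this reset link."}, 404)

    # user exists and we can update their password
    user.password = user.hash_password(form.password.data)
    db.session.commit()

    # NOTE(review): nothing in this view invalidates the token after use, so
    # it stays acceptable until it expires -- confirm whether single-use
    # links are required.
    return reply(
        {
            "success": "Your password has been successfully reset,"
                       " you can use it to log in now"
        },
        200)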
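def password_reset(token):
    """Set a new password for the account named by a signed reset token.

    On a valid form submission the token is decoded with the
    'password-reset-key' salt and `max_age=86400` (24 hours in seconds), the
    user with the decoded e-mail is loaded (404 if none), and the new
    password is committed. Any other request renders `password_reset.html`.

    A failed commit is rolled back, logged on the server and answered with a
    generic message and status 500; the exception text is no longer echoed
    to the client, where it could expose database details.
    """
    import logging

    form = PasswordResetForm()
    if form.validate_on_submit():
        # NOTE(review): ts.loads raises on a tampered or expired token and
        # nothing in this view catches it -- confirm an application error
        # handler turns that into a proper response instead of a 500.
        email = ts.loads(token, salt='password-reset-key', max_age=86400)
        user = User.query.filter_by(email=email).first_or_404()
        user.set_password(form.new_password.data)
        try:
            database.session.commit()
        except Exception:
            # Keep the detail in the server log only, and leave the session
            # usable for the next request.
            logging.getLogger(__name__).exception(
                'Password reset commit failed')
            database.session.rollback()
            return 'error: the password could not be updated', 500
        flash('Hasło zostało zmienione.')
        return redirect(url_for('index'))
    return render_template('password_reset.html', form=form)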
def password_reset(token):
    """Reset a password from the e-mail in the form plus a reset token.

    Only anonymous visitors may use the view; anyone else goes to `index`.
    After a valid submission the user is looked up by the submitted e-mail
    and `user.reset_password(token, password)` decides whether the token is
    accepted. Success flashes a confirmation and redirects to `login`; an
    unknown e-mail or a rejected token redirects to `index` with no message.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('index'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('reset_password0.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    # Unknown e-mail and rejected token take the same silent path, so the
    # response does not reveal which of the two failed.
    if account is None or not account.reset_password(token, form.password.data):
        return redirect(url_for('index'))

    # The flashed text reads "Your password has been updated".
    flash(u'您的密码已被更新')
    return redirect(url_for('login'))
def password_reset_token(token):
    """Let the holder of a valid reset token choose a new password.

    Signed-in users are redirected to `home`. A token for which
    `User.verify_password_reset_token` returns None produces a warning flash
    and a redirect to `password_reset`. A valid POST stores the new password
    and redirects to `login`; anything else renders the form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    account = User.verify_password_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('password_reset'))

    form = PasswordResetForm()
    accepted = request.method == 'POST' and form.validate_on_submit()
    if not accepted:
        return render_template('password_reset_token.html', form=form)

    account.set_password(form.password.data)
    db.session.commit()
    # NOTE(review): "lgin" in the message below looks like a typo for "login".
    flash('Your password was set. Try to lgin.', 'success')
    return redirect(url_for('login'))
def reset_token(token):
    """Replace the password of the user a reset token resolves to.

    Signed-in users are sent to `profile`. If `User.verify_reset_token`
    returns None the visitor gets a warning and is sent to `login`. On a
    valid submission the password is hashed with
    `bcrypt.generate_password_hash`, stored as a UTF-8 string and committed.
    """
    if current_user.is_authenticated:
        return redirect(url_for('profile'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('The link you followed is invalid or expired.', 'warning')
        return redirect(url_for('login'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('setnewpassword.html', form=form)

    # Only the hash is stored; the submitted plaintext is never persisted.
    digest = bcrypt.generate_password_hash(form.password.data)
    account.password = digest.decode('utf-8')
    db.session.commit()
    flash('You have successfully changed your password. You may log in using your new password.', 'success')
    return redirect(url_for('login'))
def password_reset(token):
    """Render the password reset page and apply a submitted new password.

    Signed-in users are redirected to `dashboard`. When
    `Users.verify_reset_password_token` yields no user the visitor is sent
    to `index` without a message. A valid submission stores the password via
    `set_password`, commits and redirects to `login`.
    """
    if current_user.is_authenticated:
        return redirect(url_for('dashboard'))

    # The token is verified before the form is built or processed.
    account = Users.verify_reset_password_token(token)
    if not account:
        return redirect(url_for('index'))

    form = PasswordResetForm()
    if not form.validate_on_submit():
        return render_template('password_reset.html',
                               title='Password Reset', form=form)

    account.set_password(form.password.data)
    db.session.commit()
    flash('password reset successful.')
    return redirect(url_for('login'))
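def reset_token(token):
    """Set a new password for the e-mail carried in a signed reset token.

    The token is decoded with the "recover-pw" salt and `max_age=86400`
    (24 hours in seconds). A token that fails verification, or a token whose
    e-mail no longer matches a user, redirects to `main_panel.login` instead
    of raising. A valid submission stores the password via `set_pwd`,
    commits, writes an audit log line and redirects to `main_panel.login`.
    Otherwise `reset_token.html` is rendered.
    """
    # Local import: BadSignature is the base class of itsdangerous'
    # signature errors, SignatureExpired included.
    from itsdangerous import BadSignature

    ts = URLSafeTimedSerializer(app.config.get('SECRET_KEY'))
    try:
        email = ts.loads(token, salt="recover-pw", max_age=86400)
    except BadSignature:
        # Tampered, malformed or expired link: record it and stop, without
        # echoing the token or the failure reason to the client.
        app.logger.warning(
            'Rejected an invalid or expired password reset token')
        return redirect(url_for('main_panel.login'))

    form = PasswordResetForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=email).first()
        if user is None:
            # The account was removed after the link was issued.
            return redirect(url_for('main_panel.login'))
        user.set_pwd(form.password.data)
        db.session.commit()
        # Log the account that was changed. The original logged
        # current_user.id, which is the visitor's session rather than the
        # reset target -- for the usual anonymous visitor that fails after
        # the commit, and for a signed-in one it records the wrong ID.
        app.logger.info('Password reset completed for User ID {} at {}'.format(
            user.id, datetime.now()))
        return redirect(url_for('main_panel.login'))
    return render_template('reset_token.html', form=form, token=token,
                           email=email)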
def reset_password():
    """Apply a password reset posted with a token, then show the login page.

    The token and new password are read from `request.form`. Whatever the
    outcome, the login page is rendered inside the auth layout; `msg`
    carries the result (None when nothing was submitted).
    """
    if current_user.is_authenticated:
        # NOTE(review): url_for expects an endpoint name and '/' looks like
        # a URL path -- confirm an endpoint with that name exists.
        return redirect(url_for('/'))

    msg = None
    form = PasswordResetForm()
    loginForm = LoginForm()

    if form.validate_on_submit():
        account = User.verify_reset_token(request.form.get('token'))
        if not account:
            msg = "Sorry Invalid token."
        else:
            new_password = request.form.get('password')
            # Only the hash is stored.
            account.password = bc.generate_password_hash(new_password)
            db.session.commit()
            msg = "Password changed. Now you can login."

    login_page = render_template('pages/login.html', form=loginForm, msg=msg)
    return render_template('layouts/auth-default.html', content=login_page)
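def reset_password(token):
    """Let the holder of a valid reset token choose a new password.

    Signed-in users are redirected to `main.dashboard`. A token that
    `User.verify_reset_password_token` rejects -- by returning a falsy value
    or by raising -- gets the danger flash and the 404 page, so an
    unverified request never reaches the password update. A valid submission
    stores the password, commits and redirects to `main.login`.
    """
    if current_user.is_authenticated:
        # The original passed this endpoint-style name to render_template;
        # the other templates here use 'main/...' paths, so a redirect to
        # the endpoint is the likely intent.
        return redirect(url_for('main.dashboard'))

    try:
        user = User.verify_reset_password_token(token)
    except Exception:
        # A verifier that raises is treated like one that returns None. The
        # original bare `except:` left `user` unbound and carried on into
        # the form handling below.
        user = None

    if not user:
        flash('The confirmation link is invalid or has expired.', 'danger')
        return render_template('main/404.html'), 404

    form = PasswordResetForm()
    if form.validate_on_submit():
        user.set_password(form.password.data)
        db.session.commit()
        flash('Your password has been reset', 'success')
        return redirect(url_for('main.login'))
    return render_template('main/reset_password.html', form=form)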
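def passwordReset():
    """Issue a password reset key and e-mail it to the account owner.

    On a valid submission a numeric key in the range 1..99999999 is drawn
    from the operating system's CSPRNG, stored on the user and mailed
    through the `verify.html` template. The response is "Message sent!"
    whether or not the e-mail matches an account. Any other request renders
    `password.html`.
    """
    # Local import: `random` is not suitable for security tokens because its
    # output can be predicted from earlier values.
    import secrets

    form = PasswordResetForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user is None:
            # Answer exactly as on success so the response does not reveal
            # which addresses are registered (previously this path raised).
            return "Message sent!"

        # Same range as the former random.randrange(1, 100000000).
        # NOTE(review): fewer than 10**8 values is a small space for a reset
        # secret and no expiry is set here -- confirm the verifying view
        # limits attempts, or move to a longer token such as
        # secrets.token_urlsafe() if the `key` column allows it.
        key = secrets.randbelow(100000000 - 1) + 1
        user.key = key
        db.session.add(user)
        db.session.commit()
        # The key is deliberately not printed or logged: it is a credential.
        msg = Message("Password Reset Link !",
                      sender="*****@*****.**",
                      recipients=[user.email],
                      html=render_template('verify.html',
                                           email=user.email,
                                           username=user.username,
                                           key=key))
        mail.send(msg)
        return "Message sent!"
    return render_template('password.html', form=form)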
def password_reset_page():
    """Handle password reset

    Requests without a non-empty `email` form field are redirected to
    `login_page`. When the `password_submit` field is present and the form
    validates, the user with that e-mail gets the submitted password,
    `force_password_reset` is cleared, the session is logged out and the
    visitor is redirected to `next` (relative URLs only) or `index_page`.
    Any other request renders `password.html`.
    """
    if not request.form.get('email'):
        return redirect(url_for('login_page'))

    form = PasswordResetForm()
    if 'password_submit' not in request.form or not form.validate_on_submit():
        return render_template('password.html', title='Reset Password',
                               form=form)

    next_page = request.args.get('next')
    # NOTE(review): the account is selected by the submitted `email` field,
    # and nothing visible in this function ties the request to a reset token
    # or to the signed-in user -- confirm the route is protected upstream.
    account = User.query.filter_by(email=request.form['email']).first()
    if account is None:
        return redirect(url_for('login_page'))

    account.set_password(request.form['password'])
    account.force_password_reset = False
    db.session.commit()
    logout_user()
    flash('Password reset successfully.')

    # Follow `next` only when it has no network location, so the redirect
    # stays on this site.
    stays_local = bool(next_page) and url_parse(next_page).netloc == ''
    target = next_page if stays_local else url_for('index_page')
    return redirect(target)
def reset_password(reset_token):
    """Reset the password for the e-mail encoded in a signed token.

    An expired or invalid token is answered with a short plain-text message.
    After a valid submission the user is loaded by the token's e-mail, and
    the password is only changed when the e-mail typed into the form matches
    it. Success redirects to `user.login`; every other case renders
    `user/reset_password.html`.
    """
    try:
        email = decode_token(reset_token)
    except SignatureExpired:
        return "This token has expired."
    except BadSignature:
        return "Invalid token."

    form = PasswordResetForm()
    if form.validate_on_submit():
        # NOTE(review): `.one()` raises when no row (or more than one)
        # matches, e.g. if the account was deleted after the link was sent
        # -- confirm that case is handled by an error handler.
        account = User.query.filter(User.email == email).one()
        if email == form.email.data:
            # NOTE(review): assumes the model's `password` setter hashes the
            # value before it is stored -- confirm against the User model.
            account.password = form.password.data
            db.session.add(account)
            db.session.commit()
            flash('Your password has been reset. Log in!', 'success')
            return redirect(url_for('user.login'))
        flash('Email not valid', 'danger')

    return render_template('user/reset_password.html', form=form,
                           reset_token=reset_token)