def forgot_password():
form = ForgotPassword()
if request.method == "POST" and form.validate_on_submit():
username = form.username.data
# Get the user, and if they exist get the email from the database
user = User.query.filter_by(username=username).first()
if user:
email = user.email
# Generate random key / url for password change
random_key = str(uuid4())
# Store the key for the username to Redis with 24hr expiration
redis_conn.set(f"reset_{username}", random_key, ex=24 * 60 * 60)
# Create and the email
msg = Message("EDA Miner: Password reset", recipients=[email])
msg.html = ("To create a new password visit (within 24 hours)"
f" <a href='http://127.0.0.1:8000/forgot_password"
f"/{username}/{random_key}'>this page</href>.")
mail.send(msg)
return "We've sent you the email. Go to <a href='/'>home</a>?"
else:
return render_template("forgot_password.html", form=form)
def forgotPassword():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = ForgotPassword()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
return render_template('forgotpassword.html',
form=form,
title='ORM - Forgot Password')
def forgotpass():
form = ForgotPassword()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = find_user(username)
if user != 'na' and user != 'admin':
replace_password(username, password)
return redirect('/login')
else:
flash('Username not found')
return render_template('forgot-password.html', form=form)
def forgotpassword():
if session.get('logged_in'):
return redirect(url_for('index'))
form = ForgotPassword()
if form.validate_on_submit():
user = User.objects() # get the user
# set the code object via uuid4()
msg = Message("Hello",
sender="*****@*****.**",
recipients=[form.email.data.lower()])
msg.body = url_for("resetpassword", code=str(uuid.uuid4()))
msg.html = "<a href='http://localhost:5000"+url_for("resetpassword", code=code)+"'>Reset Password</a>"
mail.send(msg)
# redirect to login
return render_template('ForgotPassword.html', form=form)
def login_register():
loginform = LoginForm()
signupform = SignupForm()
forgotpasswordform = ForgotPassword()
if forgotpasswordform.submit3.data and forgotpasswordform.validate_on_submit():
result = request.form
resp = forgotpassword(result['username'])
if resp['success']:
return redirect(url_for('confirm_forgot_password', msg="Check your email for the further procedure."))
else:
return render_template('login-register.html', loginform=LoginForm(), signupform=SignupForm(),
forgotpasswordform=forgotpasswordform, loginmsg=resp['message'], user=logged_in_user)
if loginform.submit1.data and loginform.validate_on_submit():
result = request.form
resp = login(result['username'], result['password'])
if resp['success']:
logged_in_user.username = result['username']
logged_in_user.token = resp['data']['access_token']
return redirect(url_for('home', msg="You have successfully logged in."))
else:
return render_template('login-register.html', loginform=LoginForm(), signupform=SignupForm(),
forgotpasswordform=forgotpasswordform, loginmsg=resp['message'], user=logged_in_user)
if signupform.submit2.data and signupform.validate_on_submit():
result = request.form
event = {
'username': result['username'],
'password': result['password'],
'email': result['email'],
'name': 'Atul',
}
resp = registration(event)
if resp['success']:
return redirect(url_for('home', msg=resp['message']))
else:
return render_template('login-register.html', loginform=LoginForm(), signupform=SignupForm(),
forgotpasswordform=forgotpasswordform, signupmsg=resp['message'],
user=logged_in_user)
return render_template('login-register.html', loginform=loginform, signupform=signupform,
forgotpasswordform=forgotpasswordform, user=logged_in_user)
def resetpassword(code=None):
if code == None:
return redirect(url_for('index'))
# check if code is correct
form = ForgotPassword()
if form.validate_on_submit():
if form.password.data == form.password2.data and len(form.password.data) >= 8:
pw_hash = generate_password_hash(form.password.data)
try:
user = User(password = pw_hash, color=str(uuid.uuid4())[:6])
code = str(uuid.uuid4())
except:
pass
else:
if len(form.password.data) < 8:
error = 'Password too short'
else:
error = 'Passwords do not match'
# reset password
return redirect(url_for('login'))
def forgot_password():
""" Renders the forgot_password.html webpage. Gets user email from forgot
password page, and creates a unique token for that user, sending it to them
via email as part of a unique link """
#get form data
form = ForgotPassword()
if form.validate_on_submit():
user_email = form.email.data
# check if user email exists
user = model.db.session.query(model.User)\
.filter_by(email=user_email).first()
if not user:
flash("No user found with that email address.")
return redirect("/forgot_password")
# Create reset password email
subject = "Password reset requested"
token = ts.dumps(user.email, salt="recover-key")
recover_url = url_for("reset_with_token", token=token, _external=True)
html = render_template("emails/recover_password.html",
recover_url=recover_url)
# Create email message to send
msg = Message(subject,
sender="*****@*****.**",
recipients=[user.email])
msg.html = html
mail.send(msg)
flash("Password reset instructions sent to your email address.")
return render_template("forgot_password.html", form=form)
