Example #1
0
def reset_password(token):
	"""
	重设密码
	:param token: 点击邮件中的链接携带的token
	"""
	logger.info('url = ' + str(request.url))
	# 如果用户已经登录,不需要重设密码
	if current_user.is_authenticated:
		return redirect(url_for('main.index'))

	form = ResetPasswordForm()
	if form.validate_on_submit():
		user = User.query.filter_by(email=form.email.data.lower()).first()
		# 用户不存在
		if user is None:
			return redirect(url_for('main.index'))
		# 验证token的有效性
		if validate_token(user=user, token=token, operation=Operations.RESET_PASSWORD,
						  new_password=form.password.data):
			flash('密码重置成功!', 'success')
			return redirect(url_for('.login'))
		else:
			flash('无效或过期链接!', 'danger')
			# 跳转到忘记密码页面
			return redirect(url_for('.forget_password'))
	# 重设密码
	return render_template('auth/reset_password.html', form=form)
Example #2
0
def reset_password(token):
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data.lower()).first()
        if user is None:
            return False
        if validate_token(user=user, token=token, operation=Operations.RESET_PASSWORD, new_password=form.password.data):
            flash('Password updated', 'info')
            return redirect(url_for('auth.login'))
        else:
            flash('Invalid or expired token', 'danger')
            return redirect(url_for('auth.forget_password'))
    return render_template('auth/reset_password.html', form=form)
Example #3
0
def reset_password(token):
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data.lower()).first()
        if user is None:
            flash('用户不存在!', 'warning')
            return redirect(url_for('main.index'))
        if validate_token(user=user,
                          token=token,
                          operation=Operations.RESET_PASSWORD,
                          new_password=form.password.data):  # 传入新密码
            flash('重置密码成功。', 'success')
            return redirect(url_for('.login'))

    return render_template('auth/reset_password.html', form=form)
Example #4
0
def reset_password(token):
    if current_user.is_authenticated:
        return redirect(url_for("main.index"))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data.lower()).first()
        if user is None:
            return redirect(url_for("main.index"))
        if validate_token(user=user,
                          token=token,
                          operation=Operations.RESET_PASSWORD,
                          new_password=form.password.data):
            flash("Password updated successfully.", "success")
            return redirect(url_for("auth.login"))
        else:
            flash("Invalid or expired link.", "danger")
            return redirect(url_for("auth.forget_password"))
    return render_template("auth/reset_password.html", form=form)
Example #5
0
def reset_password(token):
	if current_user.is_authenticated:
		return redirect(url_for('main.index'))
	
	form = ResetPasswordForm()
	if form.validate_on_submit():
		email = form.email.data.lower()
		user = User.query.filter_by(email=email).first()
		if not user:
			return redirect(url_for('main.index'))
		new_password = form.password.data
		if validate_token(user, token, Operations.RESET_PASSWORD, new_password=new_password):
			flash('Password updated', 'success')
			return redirect(url_for('.login'))
		else:
			flash('Invalid or expired link.', 'danger')
			return redirect(url_for('.forget_password'))
	# 问题:如何针对未登录用户进行验证?要怎么修改?user参数怎么传?
	# 在post时候再验证
	return render_template('auth/reset_password.html', form=form)