def confirm(code):
if not constants.REQUIRE_EMAIL_CONFIRMATION:
abort(404)
try:
email = token.decode(code, salt=constants.EMAIL_CONFIRMATION_SALT)
except Exception as e:
email = None
if not email:
# TODO: Render a nice error page here.
return abort(404)
user = User.query.filter_by(email=email).first()
if not user:
return abort(404)
user.email_confirmed = True
db.session.commit()
if current_user == user:
flash('Succesfully confirmed your email', 'success')
return redirect(url_for("dashboard.home"))
else:
flash('Confirmed your email. Please login to continue', 'success')
return redirect(url_for("auth.login"))
def reset_password(code):
if not current_user.is_anonymous:
flash('You must be logged out to reset your password', 'warning')
return redirect(url_for("dashboard_home.index"))
try:
email = token.decode(code, salt=constants.PASSWORD_RESET_SALT)
except Exception:
email = None
if not email:
return abort(403)
form = ChangePasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=email).one()
user.password = form.password.data
db.session.commit()
login_user(user)
flash("Changed your password succesfully", "success")
return redirect(
request.args.get("next") or url_for("dashboard_home.index"))
return render_template("auth/reset_password.html", form=form)