def reset_token(token): if current_user.is_authenticated: return redirect(url_for('user.request_password')) user = User.check_reset_token(token) if not user: flash('This is not a valid token!', 'Warning') return redirect(url_for('user.reset_request')) form = ResetPasswordForm() if form.validate_on_submit(): hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8') user.password = hashed_password db.session.commit() flash('Your password has been updated!. You can login now.', 'success') return redirect(url_for('user.login')) return render_template('reset_token.html', title='Reset Password', form=form)