def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('user.request_password'))
user = User.check_reset_token(token)
if not user:
flash('This is not a valid token!', 'Warning')
return redirect(url_for('user.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user.password = hashed_password
db.session.commit()
flash('Your password has been updated!. You can login now.', 'success')
return redirect(url_for('user.login'))
return render_template('reset_token.html', title='Reset Password', form=form)
