def register(): if 'username' in session: flash('You cannot register while you are logged in, please log out first.') return redirect(url_for('home')) form = RegistrationForm(request.form) if request.method == 'POST' and form.validate(): username_exist = db.retrieve_user_by_username(form.username.data) email_exist = db.retrieve_user_by_email(form.email.data) if username_exist: form.username.errors.append('Username already taken') if email_exist: form.email.errors.append('Email already used') if username_exist or email_exist: return render_template('register.html', form=form, title='Sign Up') # load data from form and create User object user = User(form.username.data, form.email.data, User.generate_hash(form.password.data), form.acc_type.data) # save user to database db.insert_user(user) # generate 5 digits activation code and save it inside db activation_code = str(random.randint(10000, 99999)) db.insert_token(user.username, activation_code) # generate activation link, activation code is encoded as URL parameter activation_link = url_for('activate', _external=True, username=user.username) activation_link += "?activation_code=" + activation_code # generate template for confirmation email email_msg = render_template('email/verify_email.html', username=user.username, activation_code=activation_code, activation_link=activation_link) # send email send_email(recipient=user.email, subject='Account Activation', template=email_msg) flash('Thanks for registering, check your email inbox for instructions on how to activate your account') return redirect(url_for('home')) return render_template('register.html', form=form, title='Sign Up')
def reset(): form = ResetPasswordForm(request.form) if request.method == 'POST' and form.validate(): user = db.retrieve_user_by_email(form.email.data) if not user: form.email.errors.append('Email address not found') # generate 6 chars random password generated_password = ''.join([random.choice(string.ascii_letters + string.digits) for _ in range(6)]) # change password db.change_password(user.username, user.generate_hash(generated_password)) # generate email message email_msg = render_template('email/reset_password.html', username=user.username, new_password=generated_password) # send email send_email(recipient=user.email, subject='Reset Password', template=email_msg) flash('New password was sent to your email account, please check your inbox') return redirect(url_for('home')) return render_template('reset.html', form=form, title='Forgot Password')