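def password_reset():
    """Handle the "forgot password" form and e-mail a signed reset link.

    A link is sent only when the submitted address matches a row in
    ``users_v2``. The page shown afterwards is the same either way, so the
    response does not reveal whether an address is registered.

    Returns:
        The rendered index page after a valid submission, otherwise the
        password-reset form (including its validation errors).
    """
    form = EmailForm(request.form)
    if not form.validate():
        return render_template('site/password_reset.html', form=form)

    email = form.email.data.strip()

    # Parameterised lookup; the cursor is closed on every path.
    cur = mysql.connection.cursor()
    try:
        query = '''SELECT * from users_v2 WHERE email=%s'''
        cur.execute(query, [email])
        user = cur.fetchone()
    finally:
        cur.close()

    # The original fetched the row but never checked it, so a reset mail went
    # to any syntactically valid address. Mail only known accounts.
    # NOTE(review): no throttling is visible in this view; confirm that reset
    # requests are rate-limited per address and per client elsewhere.
    if user is not None:
        # NOTE(review): `serialize` is presumably an itsdangerous timed
        # serializer; confirm the view that consumes the token enforces
        # max_age and that the token cannot be reused after the change.
        token = serialize.dumps(email, salt='recover_password_key_token')

        # The token is a bearer credential for the account: record the event,
        # never the token itself, so log readers cannot reset passwords.
        current_app.logger.info('Password reset link issued')

        # prepare email msg
        email_msg = Message('Password reset requested',
                            sender='*****@*****.**',
                            recipients=[email])
        # NOTE(review): with _external=True the host in the link comes from
        # SERVER_NAME if configured, else from the incoming request; confirm
        # the host is pinned so a forged Host header cannot redirect the link.
        link = url_for('site.password_reset_token', token=token,
                       _external=True)
        email_msg.body = (
            'Please click on the link to change your password {}'.format(link)
        )
        mail.send(email_msg)

    msg = 'A link for password change request has been sent to your Inbox.'
    return render_template('site/index.html', msg=msg)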
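def register():
    """Create a disabled account and e-mail its confirmation link.

    On a valid POST the view checks that the username is unused, inserts the
    new row with ``enabled`` set to False, then signs the e-mail address into
    a token and mails a ``site.confirm_email`` link to it.

    Returns:
        The rendered index page after a successful registration, otherwise
        the registration form (including validation errors or the
        "already exists" flash message).
    """
    form = RegisterForm(request.form)
    if request.method == 'POST' and form.validate():
        fname = form.fname.data.strip()
        lname = form.lname.data.strip()
        email = form.email.data.strip().lower()
        username = form.username.data.strip().lower()
        # NOTE(review): passlib deprecated `encrypt` in favour of `hash` in
        # 1.7; switch once the pinned passlib version is confirmed.
        password = sha256_crypt.encrypt(str(form.password.data))
        enabled = False
        name = fname + ' ' + lname

        cur = mysql.connection.cursor()
        # try/finally closes the cursor on every path; the original skipped
        # close() on the success return and on the duplicate-user branch.
        try:
            # query to check if user already exists
            # NOTE(review): only the username is checked and the check is not
            # atomic with the INSERT; confirm UNIQUE constraints on username
            # (and on email, if it must be unique) exist in the schema.
            reg_query_username = ''' select username from user where username = %s '''
            cur.execute(reg_query_username, ([username]))
            existing_user = cur.fetchone()
            current_app.logger.info(existing_user)

            if existing_user is None:
                register_insert_query = ''' INSERT INTO user (name, fname, lname, email, username, password, enabled) VALUES(%s, %s, %s, %s, %s, %s, %s) '''
                cur.execute(register_insert_query,
                            (name, fname, lname, email, username, password,
                             enabled))
                mysql.connection.commit()

                enabled_username_query = ''' select username, enabled from user where username = %s '''
                cur.execute(enabled_username_query, ([username]))
                user_data = cur.fetchone()
                enabled_fetch = user_data['enabled']

                if enabled_fetch == 0:
                    token = serialize.dumps(email, salt='My-Token')
                    # The token proves ownership of the mailbox: record the
                    # event, never the token, so log access cannot be used to
                    # confirm someone else's address.
                    current_app.logger.info('Confirmation link issued')

                    # prepare email msg
                    email_msg = Message('Confirm Email',
                                        sender='*****@*****.**',
                                        recipients=[email])
                    link = url_for('site.confirm_email', token=token,
                                   _external=True)
                    email_msg.body = 'Your link is {}'.format(link)
                    mail.send(email_msg)

                    flash('Resistration Successful!', 'success')
                    # NOTE(review): the token is handed to the template as
                    # `data`. If site/index.html renders it, the browser gets
                    # the confirmation token without mailbox access; confirm
                    # the template ignores it, then drop the argument.
                    return render_template('site/index.html', data=token)
            else:
                flash('User already exits!', 'danger')
        finally:
            cur.close()

    return render_template('site/register.html', form=form)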