def reset_password():
form = forms.ResetPasswordForm(request.form)
if request.method == 'POST' and form.validate():
salt, hash = logins.create_password_salt(form.new_password.data)
if database.reset_password(form.username.data, form.reset_code.data,
salt, hash):
return redirect("/login")
return render_template(
"reset_password.html",
form=form,
error="Reset failed, credentials provided are invalid.")
return render_template("reset_password.html", form=form)
def register():
form = forms.RegisterUserForm(request.form)
if request.method == 'POST' and form.validate():
if form.access_code.data == access_code and not database.get_user_details_from_username(
form.username.data):
salt, bcrypt_password = logins.create_password_salt(
form.password.data)
database.create_user(form.username.data, bcrypt_password, salt,
form.first_name.data, form.surname.data,
form.email.data)
return 'New user account created! <meta http-equiv="refresh" content="3;url=/login" />'
return "Error, unable to create user account. User may already exist or access code may be incorrect"
return (render_template("register.html", form=form))