def reset_password(token): if current_user.is_authenticated: return redirect(url_for('home')) user = User.verify_resent_token(token) if user is None: flash('Invalid or expired token', 'warning') return redirect(url_for('request_reset')) form = ResetPasswordForm() if form.validate_on_submit(): hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user.password = hashed_password db.session.commit() flash('Your password has been updated! You are now able to log in.', 'success') return redirect(url_for('login')) return render_template('reset_password.html', title='reset password', form=form)