def reset_post(): email = request.form.get('email') password = request.form.get('password') confirm = request.form.get('password_confirm') token = request.args.get('t') token = request.form.get('t', token) token = Token(token) if email: usr = user.get_by_email(email) if usr: reset_email(usr) return '', 201 if not validate_password(password, confirm, raise_error=False): return 'Invalid password', 403 if not token.value: return 'Invalid token', 403 if not token.user: return 'Invalid token', 403 user.set_password(token.user, password) login_user(token.user, remember=False) url = request.args.get('next') url = url or url_for('marketing.index') return make_response(('', 201, [('Location', url)]))
def signup(data, login=True, remember=False): data = data or dict() email = data.get('email') username = data.get('username') password = data.get('password') confirm = data.get('password_confirm') email = validate_email(email) username = validate_username(username) password = validate_password(password, confirm) try: usr = user.create(username, password, email=email) except exc.InvalidPasswordError: raise ValidationError('Invalid Password') except exc.UsernameUnavailableError: raise ValidationError('Username has already been taken') except exc.EmailUnavailableError: raise ValidationError('Email has already been taken') if login: login_user(usr, remember=remember) return usr