def test_invalid_reset_token(self):
u = Utente(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertFalse(Utente.reset_password(token + 'a', 'horse'))
self.assertTrue(u.verify_password('cat'))
def test_valid_reset_token(self):
u = Utente(password='******')
db.session.add(u)
db.session.commit()
token = u.generate_reset_token()
self.assertTrue(Utente.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def password_reset(token):
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = PasswordResetForm()
if form.validate_on_submit():
if Utente.reset_password(token, form.password.data):
db.session.commit()
flash('Password aggiornata', 'success')
return redirect(url_for('utenti.login'))
else:
return redirect(url_for('main.index'))
return render_template('reset_password.html', form=form)