Exemple #1
0
def password_reset_request():
    form = PasswordResetRequestForm()
    if form.validate_on_submit():
        def accept(t):
            return PasswordResetRequest.query.filter_by(token=t).first() is None
        token = random_base64(accept)
        reset_link = url_for('auth.password_reset', _external=True, token=token)
        try:
            send_email(
                subject="Reset your Asset Tracker Password",
                sender=form.email.data,
                recipients=[form.email.data],
                body="Asset Tracker password reset link: %s\r\n\r\n\
                     This link will expire in 24 hours" % reset_link,
                html="Asset Tracker password reset link:<br> <a href=\"%s\">\
                     %s</a> <br><br>This link will expire in 24 hours" %
                     (reset_link, reset_link)
            )
            entry = PasswordResetRequest(
                token,
                User.query.filter_by(email=form.email.data).first()
            )
            db.session.add(entry)
            db.session.commit()
            flash("A link to reset your password has been sent to %s" %
                  form.email.data, "success")

        except Exception, e:
            if current_app.config.get('DEBUG'):
                raise e
            else:
                flash("Failed to send invite due to a %s error"
                      % e.__class__.__name__, 'danger')
Exemple #2
0
def invite_user():
    form = InviteForm()
    # users can only add users one privilege level below them
    form.role.choices = [(role.id, role.title) for role in Role.query.all()
                         if role.level > current_user.roles[0].level]
    if form.validate_on_submit():
        # the method is POST and the form is valid
        token = random_base64(lambda t: Invitation.get(t) is None)
        invitation = Invitation(
            token,
            form.email.data,
            Role.get_by_id(form.role.data),
            current_user
        )

        # invite_link: http://<host>/signup?invite=<token>
        invite_link = url_for('auth.signup', _external=True, invite=token)

        # prepare and send invitation email
        try:
            send_email(
                subject="Asset Tracker Invitation",
                sender=(current_user.name, current_user.email),
                recipients=[form.email.data],
                body="You've been invited to join Asset Tracker. Follow \
                    this link to sign up: %s" % invite_link,
                html="You've been invited to join Asset Tracker. Follow \
                    this link to sign up:<br> <a href=\"%s\">%s</a>" % \
                (invite_link, invite_link)
            )
            db.session.add(invitation)
            db.session.commit()
            flash("Invitation sent to %s" % form.email.data, 'success')
        except Exception, e:
            if current_app.config.get('DEBUG'):
                raise e
            else:
                flash("Failed to send invite due to a %s error"
                      % e.__class__.__name__, 'danger')
                return render_template('auth/invite.html', form=form)

        return redirect(url_for('index'))