def passwordreset(reset_key):
''' Password reset dialogue '''
form = ChangePasswordForm(request.form)
u = user.getUserByResetKey(reset_key)
if u:
if request.method == 'POST' and form.validate():
new_password = form.newpassword.data
u.setPassword(form.newpassword.data)
u.save()
flash('success|Password reset successfully')
return redirect(url_for('routes_user.login'))
else:
return render_template('user/passwordreset.html', form=form, reset_key=reset_key)
else:
flash('error|This password rest key is invalid')
return redirect(url_for('index'))
def changepassword():
''' Change a users password '''
result = {}
form = ChangePasswordForm(request.form)
if form.validate():
if g.current_user.checkPassword(form.oldpassword.data):
g.current_user.setPassword(form.newpassword.data)
g.current_user.save()
result['status'] = 'success'
flash('success|Password changed successfully')
# TODO: email a notice that their password changed.
else:
result['status'] = 'error'
result['message'] = 'The current password you supplied is incorrect.'
else:
result['status'] = 'error'
result['message'] = 'Validation failed with the following errors: %s' % form.errors
return jsonify(**result)
