def password_reset_token(token):
try:
email = serialize.loads(token, salt = 'recover_password_key_token', max_age=86400)
except SignatureExpired:
return '<h1>The token has expired!</h1>'
form = PasswordForm(request.form)
if form.validate():
cur = mysql.connection.cursor()
fetch_query = '''SELECT username, enabled from user where email = %s'''
cur.execute(fetch_query, ([email]))
user_data = cur.fetchone()
user_status = user_data['enabled']
user_name = user_data['username']
new_password = sha256_crypt.encrypt(str(form.password.data))
current_app.logger.info(new_password)
pass_query = '''UPDATE user SET password = %s WHERE email = %s'''
cur.execute(pass_query, (new_password, [email]))
mysql.connection.commit()
flash('Password change successful. You can login now.', 'success')
# msg = 'Password change successful. You can login now.'
return redirect(url_for('site.login'))
return render_template('site/pass_reset_token.html', form=form, token=token)
def confirm_email(token):
try:
email = serialize.loads(token, salt = 'My-Token', max_age=86400)
except SignatureExpired:
return '<h1>The token has expired!</h1>'
# return '<h1>The token works!</h1>'
cur = mysql.connection.cursor()
first_query = ''' SELECT username, enabled from user where email = %s '''
cur.execute(first_query, ([email]))
user_data = cur.fetchone()
user_status = user_data['enabled']
user_name = user_data['username']
current_app.logger.info(user_status)
current_app.logger.info(user_name)
if user_status == True:
flash('Already activated', 'success')
session['logged_in'] = True
session['username'] = user_name
return redirect(url_for('site.dashboard'))
else:
query = '''UPDATE user SET enabled = %s WHERE email = %s'''
cur.execute(query, (True, [email]))
mysql.connection.commit()
flash('Account activated', 'success')
session['logged_in'] = True
session['username'] = user_name
return redirect(url_for('site.dashboard'))