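def password_reset_token(token):
    """Verify a signed password-reset token and store the new password.

    The token is decoded with the 'recover_password_key_token' salt and a
    maximum age of 86400 seconds (24 hours); its payload is used as the
    account's email address. On a valid form submission the password is
    hashed and written to the ``user`` table, then the user is redirected
    to the login page. Otherwise the reset form is rendered.

    Args:
        token: The signed token taken from the reset link.

    Returns:
        A Flask response: an expiry message, a 404 message when no account
        matches the email in the token, a redirect to ``site.login`` after
        a successful change, or the rendered reset form.
    """
    try:
        email = serialize.loads(token, salt='recover_password_key_token', max_age=86400)
    except SignatureExpired:
        return '<h1>The token has expired!</h1>'
    # NOTE(review): only SignatureExpired is handled here. A token whose
    # signature does not verify raises a different exception and would
    # surface as an unhandled error; presumably this is itsdangerous, where
    # BadSignature is the base class to catch. Confirm and handle it.
    # NOTE(review): nothing in this function invalidates the token after
    # use, so the same link can change the password again until it expires.
    # Confirm whether single-use tokens are enforced elsewhere.

    form = PasswordForm(request.form)
    if not form.validate():
        return render_template('site/pass_reset_token.html', form=form, token=token)

    cur = mysql.connection.cursor()
    try:
        fetch_query = '''SELECT username, enabled from user where email = %s'''
        cur.execute(fetch_query, (email,))
        # fetchone() yields nothing when the account no longer exists; the
        # UPDATE below would then match no rows yet still report success.
        if not cur.fetchone():
            return '<h1>Account not found!</h1>', 404
        # NOTE(review): `enabled` is selected but not enforced; confirm
        # whether disabled or unconfirmed accounts may reset a password.

        # NOTE(review): if sha256_crypt is passlib's, encrypt() is the
        # deprecated alias of hash() since passlib 1.7; check the pinned
        # version before switching.
        new_password = sha256_crypt.encrypt(str(form.password.data))
        # The password hash is deliberately not logged: application logs are
        # usually readable by more people and systems than the user table.
        pass_query = '''UPDATE user SET password = %s WHERE email = %s'''
        cur.execute(pass_query, (new_password, email))
        mysql.connection.commit()
    finally:
        cur.close()

    flash('Password change successful. You can login now.', 'success')
    return redirect(url_for('site.login'))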
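def confirm_email(token):
    """Verify a signed email-confirmation token and activate the account.

    The token is decoded with the 'My-Token' salt and a maximum age of
    86400 seconds (24 hours); its payload is used as the account's email
    address. If the account is not yet enabled it is enabled. In both
    cases the session is marked as logged in for that user and the
    request is redirected to the dashboard.

    Args:
        token: The signed token taken from the confirmation link.

    Returns:
        A Flask response: an expiry message, a 404 message when no account
        matches the email in the token, or a redirect to ``site.dashboard``.
    """
    try:
        email = serialize.loads(token, salt='My-Token', max_age=86400)
    except SignatureExpired:
        return '<h1>The token has expired!</h1>'
    # NOTE(review): only SignatureExpired is handled here. A token whose
    # signature does not verify raises a different exception and would
    # surface as an unhandled error; presumably this is itsdangerous, where
    # BadSignature is the base class to catch. Confirm and handle it.

    cur = mysql.connection.cursor()
    try:
        first_query = ''' SELECT username, enabled from user where email = %s '''
        cur.execute(first_query, (email,))
        user_data = cur.fetchone()
        # No row means the account was removed after the link was issued;
        # indexing the result would raise TypeError.
        if not user_data:
            return '<h1>Account not found!</h1>', 404

        user_status = user_data['enabled']
        user_name = user_data['username']
        current_app.logger.info(user_status)
        current_app.logger.info(user_name)

        # `== True` is kept so that only a true/1 column value counts as
        # already activated, as in the original comparison.
        if user_status == True:
            message = 'Already activated'
        else:
            query = '''UPDATE user SET enabled = %s WHERE email = %s'''
            cur.execute(query, (True, email))
            mysql.connection.commit()
            message = 'Account activated'
    finally:
        cur.close()

    flash(message, 'success')
    # NOTE(review): a valid confirmation token creates a logged-in session
    # even when the account was already activated, so the link works as a
    # password-less login for its whole 24-hour lifetime. Confirm this is
    # intended; the alternative is to redirect to the login page instead.
    session['logged_in'] = True
    session['username'] = user_name
    return redirect(url_for('site.dashboard'))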