def forget():
if get_current_user() or \
(request.form and 'cancel' in request.form):
return redirect(url_for('index'))
if request.method == 'GET':
return render_template('account.forget.html')
email = request.form.get('email', None)
status = check_email(email)
if status:
return render_template('account.forget.html', error=status[1])
user = get_user_by_email(email=email)
if user:
stub = create_token(20)
try:
send_email(user.email, \
'Xiaomen.co Account Service',
r'''http://account.xiaomen.co/account/reset/%s click this''' % stub)
except:
logger.exception("send mail failed")
db.session.add(Forget(user.id, stub))
db.session.commit()
return render_template('account.forget.html', send=1)
def _change_password(user, password):
user.token = create_token(16)
user.passwd = User.create_password(password)
account_login(user)
db.session.add(user)