def reset_post(): email = request.form.get('email') password = request.form.get('password') confirm = request.form.get('password_confirm') token = request.args.get('t') token = request.form.get('t', token) token = Token(token) if email: usr = user.get_by_email(email) if usr: reset_email(usr) return '', 201 if not validate_password(password, confirm, raise_error=False): return 'Invalid password', 403 if not token.value: return 'Invalid token', 403 if not token.user: return 'Invalid token', 403 user.set_password(token.user, password) login_user(token.user, remember=False) url = request.args.get('next') url = url or url_for('marketing.index') return make_response(('', 201, [('Location', url)]))
def login(data): data = data or dict() usr = user.get_by_username(data.get('login')) if not usr: usr = user.get_by_email(data.get('login')) if not usr: raise ValidationError('Invalid login or password') if not user.verify_password(usr, data.get('password')): raise ValidationError('Invalid login or password') remember = parse_boolean(data.get('remember')) login_user(usr, remember=remember) confirm_login() return usr
def add_invite(campaign, email): from pooldlib.api import user usr = user.get_by_email(email) q = InviteeModel.query.filter_by(campaign_id=campaign.id) if usr is not None: q = q.filter_by(user_id=usr.id) else: q = q.filter_by(email=email) existing_invite = q.first() if existing_invite is not None: return None invite = InviteeModel() invite.email = email invite.campaign_id = campaign.id if usr is not None: invite.user_id = usr.id with transaction_session() as session: session.add(invite) session.commit() return invite