def reset_password_request():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ForgotPassword()
if form.validate_on_submit():
user = UserAuthentication.query.filter_by(
username=form.username.data).first()
if user:
email = form.email.data
message = _(
"Check your email for the instructions to reset your password. Check your junk mail too when you didn't receive anything"
)
if user.user().email:
email = user.user().email
message = _(
"There was already an email attached to this user, using that one instead. "
) + message
send_password_reset_email(user, email)
flash(message)
return redirect(url_for('auth.login'))
else:
flash(_('No user found with the given name.'))
return redirect(url_for('auth.reset_password_request'))
return render_template('auth/forgot_password.html',
title='Reset Password',
form=form)
def reset_password_request():
if current_user.is_authenticated: # redirect to index page if not logged in
return redirect(url_for('main.index'))
form = ResetPasswordRequestForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user:
send_password_reset_email(user)
flash('Please check your email to reset your password.') # flash even if email is not recognized so this can't be used to figure out if someone is registered or not
return redirect(url_for('auth.login'))
return render_template('auth/reset_password_request.html', title='Reset Password', form=form)
def reset_password_request():
if current_user.is_authenticated:
return redirect(url_for('home.index'))
form = ResetPasswordRequestForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user:
send_password_reset_email(user)
flash('Check your email for the instructions to reset your password')
return redirect(url_for('auth.login'))
return render_template('auth/reset_password_request.html',
title='Reset Password', form=form)
def password_reset_request():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ResetPasswordRequestForm()
if form.validate_on_submit():
employee = Employee.query.filter_by(email=form.email.data).first()
if employee:
send_password_reset_email(employee)
flash('An email has been sent to the address you have provided.')
return redirect(url_for('auth.login'))
flash('Invalid email. There is not such email registered.')
return redirect(url_for('auth.login'))
return render_template('auth/reset_password_request.html',
title='Password Reset',
form=form)