Esempio n. 1
0
    def post(self):
        form = auth_forms.PasswordResetForm(request.form)
        context = self.get_context()
        response = {
            'error_message':    None,
            'was_successful':   False,
        }

        if form.validate():
            token = form.token.data
            if not token:
                context['form'] = auth_forms.PasswordForgotForm()
                return redirect(url_for('home'))

            email = auth_utils.validate_token(token)

            if not email:
                response['error_message'] = 'Invalid token.'
                return json.dumps(response)

            user = auth_models.WTUser.get_user_by_email(email)
            if user:
                logging.info("Password reset for %s" % user.email)
                user.update_password(form.password.data)

            response['was_successful'] = True
            return json.dumps(response)

        return json.dumps(response)
Esempio n. 2
0
    def get(self):
        token = request.args.get('token', None)
        context = self.get_context()

        if not token:
            return json.dumps({'error': 'Missing token.'})

        valid = auth_utils.validate_token(token)
        if not valid:
            return json.dumps({'error': 'Invalid token.'})

        context['token'] = token
        context['form'] = auth_forms.PasswordResetForm()
        return render_template('auth/reset_password.html', **context)