def post(self, code): errors = [] data = { 'page_title': 'Reset Password', 'errors': errors, } password = self.request.get('password') password_verify = self.request.get('password-verify') if not password or password != password_verify: errors.append( "Missing password or both passwords didn't match. Please try " "again." ) else: user = User.user_from_reset_code(code) if not user: errors.append( 'No account for this reset code! Please contact admin.' ) else: hash_pass = generate_password_hash(password) user.password = hash_pass user.pass_reset_code = None user.pass_reset_expire = None user.put() self.redirect('/login') return # reach here when there is an error to report self.render('password.html', **data)
def get(self, code): errors = [] data = { 'page_title': 'Reset Password', 'errors': errors, } logging.info('code: %s', code) user = User.user_from_reset_code(code) if not user: errors.append( 'This is not a valid password reset code. You can request ' 'another password reset code or contact admin for help.' ) else: expired = user.pass_reset_expire < datetime.datetime.now() if expired: errors.append( 'The password reset code has expired - you submitted this ' 'request more than an hour ago. Please make another ' 'request to change your password.' ) if errors: data['hide_form'] = True self.render('password.html', **data)