def post(self, code):
errors = []
data = {
'page_title': 'Reset Password',
'errors': errors,
}
password = self.request.get('password')
password_verify = self.request.get('password-verify')
if not password or password != password_verify:
errors.append(
"Missing password or both passwords didn't match. Please try "
"again."
)
else:
user = User.user_from_reset_code(code)
if not user:
errors.append(
'No account for this reset code! Please contact admin.'
)
else:
hash_pass = generate_password_hash(password)
user.password = hash_pass
user.pass_reset_code = None
user.pass_reset_expire = None
user.put()
self.redirect('/login')
return
# reach here when there is an error to report
self.render('password.html', **data)
def get(self, code):
errors = []
data = {
'page_title': 'Reset Password',
'errors': errors,
}
logging.info('code: %s', code)
user = User.user_from_reset_code(code)
if not user:
errors.append(
'This is not a valid password reset code. You can request '
'another password reset code or contact admin for help.'
)
else:
expired = user.pass_reset_expire < datetime.datetime.now()
if expired:
errors.append(
'The password reset code has expired - you submitted this '
'request more than an hour ago. Please make another '
'request to change your password.'
)
if errors:
data['hide_form'] = True
self.render('password.html', **data)
