def reset_token(token): """ Goes to a secured site that set a new password for the corresponding email. User inputs a new password and once submitted, the old password is replaced and new password is in its place/ :param token: The token link sent via email. Required in order to access the page :return: If token is wrong or expired, print invalid message and redirects user back to the site that requests for a valid email. Else, output is committed in database, a message saying "Your password updated!, and redirects user to homepage." """ if current_user.is_authenticated: return redirect(url_for('index')) user = User.verify_reset_token(token) if user is None: # If the token is wrong or expired flash('That is an invalid or expired token', 'warning') return redirect(url_for('reset_request')) form = ResetPasswordForm() if form.validate_on_submit(): hashed_password = form.password.data user.password = hashed_password db.session.commit() flash('Your password updated!') return redirect(url_for('index')) return render_template('reset_token.html', title='Reset Password', form=form)
def reset_token(token): if current_user.is_authenticated: return redirect(url_for('main.home')) user = User.verify_reset_token(token) if user is None: flash('That is an invalid or expired token', 'warning') return redirect(url_for('users.reset_request')) form = ResetPasswordForm() if form.validate_on_submit(): hashed_password = bcrypt.generate_password_hash( form.password.data).decode('utf-8') user.password = hashed_password db.session.commit() flash('Your password has been updated! You are now able to log in', 'success') return redirect(url_for('users.login')) return render_template('reset_token.html', title='Reset Password', form=form)