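def reset_with_token(token):
    """Complete a password reset that was started from an e-mailed link.

    ``token`` is expected to be a value signed by ``URLSafeTimedSerializer``
    with the application's ``SECRET_KEY`` and the ``'password-reset-salt'``
    salt; its payload is the account's e-mail address.  Tokens that fail
    verification or are older than 3600 seconds are rejected and the visitor
    is redirected to ``users.login``.

    On a valid form submission the matching user's password is replaced and
    the change is committed; otherwise the reset form is rendered.
    """
    # Function-scope import keeps this block self-contained.  BadData is the
    # common base class of itsdangerous' bad-signature, expired-signature and
    # bad-payload errors.
    from itsdangerous import BadData

    password_reset_serializer = URLSafeTimedSerializer(
        app.config['SECRET_KEY'])
    try:
        email = password_reset_serializer.loads(
            token, salt='password-reset-salt', max_age=3600)
    except BadData:
        # Only token problems are reported as "invalid or expired".  A bare
        # ``except:`` here would also hide configuration and programming
        # errors (and SystemExit/KeyboardInterrupt) behind the same message.
        flash('The password reset link is invalid or has expired.', 'error')
        return redirect(url_for('users.login'))

    form = PasswordForm()
    if form.validate_on_submit():
        # ``first()`` plus an explicit None check handles the unknown-address
        # case without a catch-all handler, so database errors surface
        # instead of being reported as "Invalid email address!".
        user = User.query.filter_by(email=email).first()
        if user is None:
            flash('Invalid email address!', 'error')
            return redirect(url_for('users.login'))

        # NOTE(review): the raw form value is assigned to ``user.password``;
        # presumably the model hashes it in a setter -- confirm against the
        # User model.
        user.password = form.password.data
        db.session.add(user)
        db.session.commit()
        # NOTE(review): nothing visible here invalidates the token after a
        # successful reset, so the same link stays usable until ``max_age``
        # elapses.  Consider binding the token to a value that changes on
        # reset (e.g. the current password hash or a per-user nonce).
        flash('Your password has been updated!', 'success')
        return redirect(url_for('users.login'))

    return render_template('reset_password_with_token.html',
                           form=form, token=token)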
def reset_with_token(token):
    """Verify a signed reset token and let its owner choose a new password.

    The token is checked with ``URLSafeTimedSerializer`` (salt
    ``'password-reset'``, maximum age 3600 seconds).  A token that raises
    ``BadData`` sends the visitor to ``user.reset`` with an error message.
    A valid POST stores the new password on the user found by the e-mail
    address carried in the token and redirects to ``user.login``; any other
    request renders the reset form.
    """
    try:
        signer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
        email = signer.loads(token, salt='password-reset', max_age=3600)
    except BadData:
        flash('The password reset link is invalid or has expired.', 'error')
        return redirect(url_for('user.reset'))

    form = PasswordForm()
    accepted = request.method == 'POST' and form.validate_on_submit()
    if not accepted:
        # GET requests and failed validations both show the form again.
        return render_template('form_reset_password_with_token.html',
                               form=form, token=token)

    account = User.query.filter_by(email=email).first()
    if account is None:
        flash("Invalid email address!", 'error')
        return redirect(url_for('user.login'))

    # NOTE(review): the raw form value goes to ``password_``; presumably the
    # model hashes it behind that attribute -- confirm against the User model.
    account.password_ = form.password.data
    db.session.add(account)
    db.session.commit()
    # NOTE(review): the token is not invalidated here, so it remains usable
    # until its 3600-second lifetime ends -- confirm whether single-use is
    # enforced elsewhere.
    flash("Your password has been updated!", 'success')
    return redirect(url_for('user.login'))
def user_password_change():
    """Set a new password for ``current_user`` from ``PasswordForm``.

    A POST that passes validation stores the submitted password, commits,
    flashes a success message and redirects to ``users.user_profile``.
    Every other request renders ``password_change.html``.
    """
    form = PasswordForm()
    is_valid_post = request.method == 'POST' and form.validate_on_submit()
    if not is_valid_post:
        return render_template('password_change.html', form=form)

    # NOTE(review): this view does not visibly re-check the current password
    # before replacing it, so anyone holding the session can set a new one.
    # Confirm whether PasswordForm or a decorator outside this block covers
    # that, and consider requiring the current password here.
    account = current_user
    account.password = form.password.data
    db.session.add(account)
    db.session.commit()
    flash('Password has been updated!', 'success')
    return redirect(url_for('users.user_profile'))
def user_password_change():
    """Change ``current_user``'s password after checking the old one.

    On a POST that passes validation, the submitted ``old_password`` must
    satisfy ``is_correct_password``; if it does not, an error is flashed and
    the request is redirected back to this view.  Otherwise the new password
    is stored and committed.  In every non-redirect case the change-password
    form is rendered.
    """
    form = PasswordForm(request.form)
    if request.method != 'POST' or not form.validate_on_submit():
        return render_template('form_password_change.html', form=form)

    account = current_user
    old_password_ok = account.is_correct_password(form.old_password.data)
    if not old_password_ok:
        flash('Sorry, your current password is incorrect', 'error')
        return redirect(url_for('user.user_password_change'))

    account.password_ = form.password.data
    db.session.add(account)
    db.session.commit()
    flash('Password had been updated!', 'success')
    # The success path renders the form directly instead of redirecting.
    return render_template('form_password_change.html', form=form)
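def show(id):
    """Show or update the account whose primary key is ``id``.

    GET renders ``users/show.html`` with an ``EditForm`` pre-filled from the
    user.  A PATCH carrying a ``username`` field is handled as a profile edit
    (username and e-mail); a PATCH without it is handled as a password
    change.  Either change is committed only when the submitted current
    password matches the stored bcrypt hash.
    """
    # NOTE(review): no check in this block ties ``id`` to the logged-in user;
    # confirm that a decorator or before-request hook outside this block
    # restricts access.  ``get`` may also return None for an unknown id,
    # which the code below does not handle.
    found_user = User.query.get(id)

    if request.method == 'GET':
        form = EditForm(obj=found_user)
        return render_template('users/show.html', user=found_user, form=form)

    # NOTE(review): the method is compared with a bytes literal; presumably a
    # method-override layer supplies it as bytes -- confirm.  With a plain
    # ``str`` method this branch never matches.
    if request.method == b'PATCH':
        if request.form.get('username', None) is not None:
            form = EditForm(request.form)
            if form.validate():
                # Verify the current password BEFORE touching the model.
                # Assigning username/e-mail first would leave unverified
                # changes pending on the session object, where any later
                # flush or commit in the same request could persist them.
                is_authenticated = bcrypt.check_password_hash(
                    found_user.password, form.password.data)
                if is_authenticated:
                    found_user.username = form.username.data
                    found_user.email = form.email.data
                    db.session.add(found_user)
                    db.session.commit()
                    return redirect(url_for('root'))
            # Invalid form or wrong password: show the edit page again.
            return render_template('users/show.html',
                                   user=found_user, form=form)
        else:
            form2 = PasswordForm(request.form)
            if form2.validate():
                if bcrypt.check_password_hash(found_user.password,
                                              form2.current.data):
                    # NOTE(review): the new hash is stored on
                    # ``new_password`` while verification reads
                    # ``password``.  Unless the model maps ``new_password``
                    # onto the stored hash, this change would not persist
                    # -- confirm against the User model.
                    found_user.new_password = bcrypt.generate_password_hash(
                        form2.new_password.data).decode('UTF-8')
                    db.session.add(found_user)
                    db.session.commit()
                    flash('You have succesfully changed your password')
                    return redirect(url_for('root'))
                flash('Please provide the right password')
                return render_template('users/password.html',
                                       form=form2, user=found_user)
            return render_template('users/password.html',
                                   form=form2, user=found_user)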
def password(id):
    """Render the change-password page for the user with primary key ``id``.

    The form is built from the current request's form data and passed to
    ``users/password.html`` together with the looked-up user.
    """
    # NOTE(review): no access check is visible in this block, and ``get``
    # may return None for an unknown id -- confirm both are handled outside.
    account = User.query.get(id)
    return render_template(
        'users/password.html',
        form=PasswordForm(request.form),
        user=account,
    )