def forgot(): try: email = request.json['email'] except KeyError: raise ApiError("must supply 'email'", 400) user = User.find_by_email(email) if user: if not user.is_active: raise ApiError('user not active', 403) send_password_reset(user) return jsonify(status='ok', message='password reset sent') else: raise ApiError('invalid email address', 400)
def send_password_reset(self) -> None: token = utils.generate_email_token(email=self.email, salt='reset') self._set_email_hash(token) utils.send_password_reset(self, token)