def reset(uid, hash, htime):
if valid_forgot_code(uid, htime, "{}/{}".format(hash, htime)):
if request.method == "POST":
password = request.form.get("password")
password2 = request.form.get("password2")
if password != password2:
return render_template("reset.html",
error="Password Confirmation Error!")
if not validate_password(password):
return render_template(
"reset.html",
error=
"Password length should be between 8 and 30 characters.")
captcha_response = request.form.get("g-recaptcha-response")
if not validate_captcha(captcha_response):
return render_template("reset.html", error="Recaptcha Fail")
if is_abuse_check(request.remote_addr, prefix="reset",
threshold=5):
return render_template(
"reset.html", error="Abuse detected by your IP address.")
if User.reset_user_password(uid, password):
flash("Password Reset Success!")
return redirect(url_for("home"))
else:
return render_template("reset.html",
error="Password Reset Fail!")
else:
return render_template("reset.html", error=None)
else:
return render_template("reset.html", error="Invalid Reset Code")
