def reset(uid, hash, htime): if valid_forgot_code(uid, htime, "{}/{}".format(hash, htime)): if request.method == "POST": password = request.form.get("password") password2 = request.form.get("password2") if password != password2: return render_template("reset.html", error="Password Confirmation Error!") if not validate_password(password): return render_template( "reset.html", error= "Password length should be between 8 and 30 characters.") captcha_response = request.form.get("g-recaptcha-response") if not validate_captcha(captcha_response): return render_template("reset.html", error="Recaptcha Fail") if is_abuse_check(request.remote_addr, prefix="reset", threshold=5): return render_template( "reset.html", error="Abuse detected by your IP address.") if User.reset_user_password(uid, password): flash("Password Reset Success!") return redirect(url_for("home")) else: return render_template("reset.html", error="Password Reset Fail!") else: return render_template("reset.html", error=None) else: return render_template("reset.html", error="Invalid Reset Code")