def send_reset_email(self):
user = g.User.get(email=self.data['email'])
domain = current_app.config['DOMAIN']
send_mail("Password reset on {0}".format(domain),
render_template('accounts/password_reset_request_email.txt',
**{'token': token_generator.make_token(user),
'domain': domain}),
user.email)
def test_password_reset_request_confirm(self):
# Show error if token is invalid
rv = self.client.get(url_for("accounts.password_reset_request_confirm", token="wrong"), follow_redirects=True)
self.assertEqual(rv.status_code, 200)
assert "The password reset link was invalid" in rv.data
# Deny access if logged in
self.login("*****@*****.**", "admin")
rv = self.client.get(url_for("accounts.password_reset_request_confirm", token="wrong"), follow_redirects=True)
self.assertEqual(rv.status_code, 403)
self.logout()
# Correct token allows login
from onelist.apps.accounts.tokens import token_generator
user = g.User.get(email="*****@*****.**")
token = token_generator.make_token(user)
rv = self.client.get(url_for("accounts.password_reset_request_confirm", token=token), follow_redirects=True)
self.assertEqual(rv.status_code, 200)
assert "*****@*****.**" in rv.data
