def send_reset_email(self): user = g.User.get(email=self.data['email']) domain = current_app.config['DOMAIN'] send_mail("Password reset on {0}".format(domain), render_template('accounts/password_reset_request_email.txt', **{'token': token_generator.make_token(user), 'domain': domain}), user.email)
def test_password_reset_request_confirm(self): # Show error if token is invalid rv = self.client.get(url_for("accounts.password_reset_request_confirm", token="wrong"), follow_redirects=True) self.assertEqual(rv.status_code, 200) assert "The password reset link was invalid" in rv.data # Deny access if logged in self.login("*****@*****.**", "admin") rv = self.client.get(url_for("accounts.password_reset_request_confirm", token="wrong"), follow_redirects=True) self.assertEqual(rv.status_code, 403) self.logout() # Correct token allows login from onelist.apps.accounts.tokens import token_generator user = g.User.get(email="*****@*****.**") token = token_generator.make_token(user) rv = self.client.get(url_for("accounts.password_reset_request_confirm", token=token), follow_redirects=True) self.assertEqual(rv.status_code, 200) assert "*****@*****.**" in rv.data