def verify():
if request.method == 'GET':
loginhash = request.args.get('login')
if not loginhash:
message = "Invalid URL. Please contact system administrator."
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "This URL is no longer valid. If you have an account, you can reset your password at the " + \
" <a href='" + url_for('account.trigger_reset') + "'>password reset page</a>. Or you can register at \
<a href='" + url_for('account.login') + "'>login page</a>"
return render_template('account/message.jade', message=message)
#request.form.loginhash = {"data":loginhash}
values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
return render_template('account/verify.jade', account=account, form_fill=values)
else:
loginhash = request.form.get('loginhash')
if not loginhash:
message = "We cannot find your unique URL"
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "We could not find your account"
return render_template('account/message.jade', message=message)
password1 = request.form.get('password1')
password2 = request.form.get('password2')
# Check if passwords match, return error if not
if password1 != password2:
error = "Your passwords do not match"
return render_template('account/verify.jade', loginhash=loginhash, account=account, error=error)
account.password = generate_password_hash(password1)
#reset that hash but don't send it.
account.reset_loginhash()
account.verified = True
db.session.commit()
flash_success("Password saved and you are now verified. Thank you.")
login_user(account, remember=True)
return redirect(url_for('home.index'))
def verify():
if request.method == 'GET':
loginhash = request.args.get('login')
if not loginhash:
message = "Invalid URL. Please contact system administrator."
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "This URL is no longer valid. If you have an account, you can reset your password at the " + \
" <a href='" + url_for('account.trigger_reset') + "'>password reset page</a>. Or you can register at \
<a href='" + url_for('account.login') + "'>login page</a>"
return render_template('account/message.jade', message=message)
#request.form.loginhash = {"data":loginhash}
values = {'loginhash': loginhash, "csrf_token": generate_csrf_token()}
return render_template('account/verify.jade',
account=account,
form_fill=values)
else:
loginhash = request.form.get('loginhash')
if not loginhash:
message = "We cannot find your unique URL"
return render_template('account/message.jade', message=message)
account = Account.by_login_hash(loginhash)
if not account:
message = "We could not find your account"
return render_template('account/message.jade', message=message)
password1 = request.form.get('password1')
password2 = request.form.get('password2')
# Check if passwords match, return error if not
if password1 != password2:
error = "Your passwords do not match"
return render_template('account/verify.jade',
loginhash=loginhash,
account=account,
error=error)
account.password = generate_password_hash(password1)
#reset that hash but don't send it.
account.reset_loginhash()
account.verified = True
db.session.commit()
flash_success("Password saved and you are now verified. Thank you.")
login_user(account, remember=True)
return redirect(url_for('home.index'))
