def change_password(): form = ChangePasswordForm() if form.validate_on_submit(): if current_user.vertify_password(form.old_password.data): current_user.password = form.password.data db.session.add(current_user) flash('your password has been updated') return redirect(url_for('main.index')) else: flash('Invalid password.') return render_template('auth/change_password.html',form=form)
def change_email_request(): form = ChangeEmailForm() if form.validate_on_submit(): if current_user.vertify_password(form.password.data): new_email = form.email.data token = current_user.generate_email_change_token(new_email)#此处是生成email_change_token send_mail(new_email,'Confirm your new email','auth/email/change_email',user=current_user,token=token) flash('an email with constructions to confirm your new email has been sent to you') return redirect(url_for('main.index')) else: flash('Incorrect password') return render_template('auth/change_email.html',form=form)