def get(self, token):
# Verify token
token = UserToken.get_by_id(token)
if token is None:
self.add_message(
'The token could not be found, please resubmit your email.',
'error')
self.redirect_to('account-recovery')
return self.render_template('accounts/password_reset_complete.html', {
'form': self.form,
})
def post(self, token):
if self.form.validate():
token = UserToken.get_by_id(token)
# test current password
user = User.get_by_id(token.user_id)
if token is not None and user is not None:
# updated the Users password UserProfile with the new password
p = user.get_auth_id("password").get()
p.set_password(self.form.password.data)
p.put()
# Delete token
token.key.delete()
# Login User
self.add_message('Password updated successfully. '
'Login with your new password', 'success')
return self.redirect_to('auth-login')
self.add_message('Please correct the form errors.', 'error')
return self.get(token)
