def do_password_reset():
token = session['reset_token']
if not token:
flash("Token not found!", "danger")
return redirect(url_for('auth.login'))
user = User.verify_reset_password_token(token)
if not user:
flash("Password reset token is invalid or has expired.", "danger")
session.pop('reset_token',
None) # remove the invalid token from the session
return redirect(url_for('auth.login'))
form = ResetPasswordForm()
if form.validate_on_submit():
user.set_password(form.password.data)
EmailToken.expire_token(tokenstr=token)
session.pop('reset_token',
None) # remove the reset token from the session
# No need to db.session.commit() because expire_token commits the session for us
flash('Your password has been reset.', "success")
return redirect(url_for('auth.login'))
return render_template('auth/password_reset.html',
title="Reset Password",
form=form)
def accept_invite():
token = session['invite_token']
if not token:
flash("Token not found!", "danger")
return redirect(url_for('auth.login'))
user = User.verify_invite_token(token)
if not user:
flash("Invite token is invalid or has expired", "danger")
session.pop('invite_token',
None) # remove the invalid token from the session
return redirect(url_for('auth.login'))
form = InviteConfirmForm()
if form.validate_on_submit():
user.set_password(form.password.data)
EmailToken.expire_token(tokenstr=token)
session.pop('invite_token',
None) # remove the invite token from the session
# No need to db.session.commit() because expire_token commits the session for us
flash('Your password has been set.', "success")
return redirect(url_for('auth.login'))
return render_template('auth/accept_invite.html',
title="Accept Invitation",
form=form)
def verify_token(token, token_type):
from app.models import EmailToken
myToken = EmailToken.get_token(token)
if myToken and myToken.verify_token(token_type):
return User.query.get(myToken.user_id)
else:
return False
def new_token(self, token_type):
from app.models import EmailToken
newToken = EmailToken.new_token(user_id=self.id, token_type=token_type)
return newToken.token