def change_pwd(token):
dbm = DataBaseManager()
user_email = dbm.verify_token(token)
field = validate.regex()
password = field.validate(field.password_pattern,
request.form.get("password"))
password_conf = password == request.form.get("password_conf")
err_msg = field.compose_error_message(password, password_conf)
if user_email is None:
return render_template("NewPwd.html", session=True)
else:
if err_msg is not None:
return render_template("NewPwd.html",
session=False,
token=token,
error=err_msg)
pwd_manager = Hash()
salt, hashpwd = pwd_manager.get_salt_hash(password)
stored_pwd = "$" + salt + "$" + hashpwd.decode("utf-8")
dbm.update_new_password(stored_pwd, user_email)
return redirect(url_for('render_gallery'))
def reset_token(token):
if 'authorized' in session and session['authorized'] is True:
return redirect(url_for("welcome"))
user_email = DataBaseManager.verify_token(token)
if user_email is None:
return render_template("NewPwd.html", session=True)
return render_template("NewPwd.html", session=False, token=token)