def reset_token(token):
"""
Goes to a secured site that set a new password for the corresponding email.
User inputs a new password and once submitted, the old password is replaced and new password is in its place/
:param token: The token link sent via email. Required in order to access the page
:return: If token is wrong or expired, print invalid message and redirects user back to the site that requests for
a valid email. Else, output is committed in database, a message saying "Your password updated!, and redirects user
to homepage."
"""
if current_user.is_authenticated:
return redirect(url_for('index'))
user = User.verify_reset_token(token)
if user is None: # If the token is wrong or expired
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = form.password.data
user.password = hashed_password
db.session.commit()
flash('Your password updated!')
return redirect(url_for('index'))
return render_template('reset_token.html',
title='Reset Password',
form=form)
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('main.home'))
user = User.verify_reset_token(token)
if user is None:
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('users.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user.password = hashed_password
db.session.commit()
flash('Your password has been updated! You are now able to log in',
'success')
return redirect(url_for('users.login'))
return render_template('reset_token.html',
title='Reset Password',
form=form)
