Exemplo n.º 1
0
def change_password():
    form = PasswordResetForm()
    if form.validate_on_submit():
        # Check that the user exists, and that the password is correct
        if bcrypt.check_password_hash(g.user.pwd_hash, form.current_password.data):
            g.user.pwd_hash = bcrypt.generate_password_hash(form.new_password.data)
            db.session.commit()
            # Redirect to the URL for the profile page
            flash("Password updated successfully!", "success")
            return redirect(url_for("profile.settingsProfile"))
        else:
            flash("Invalid Password", "danger")
    return render_template("settings.html", password_form=form, delete_form=DeleteProfileForm())
Exemplo n.º 2
0
def login():
    form = LoginForm()
    # Validate the submitted data
    if form.validate_on_submit():
        # Get the user by email address
        user = User.query.filter_by(email=form.email.data).limit(1).first()
        # Check that the user exists, and that the password is correct
        if user and bcrypt.check_password_hash(user.pwd_hash, form.password.data):
            # Log the user in
            login_user(user, remember=True)
            next = request.args.get("next")
            if next:
                return redirect(next)
            # Redirect to the URL for the profile page
            return redirect(url_for("profile.profile"))
        else:
            flash("Invalid Username/Password", "danger")
    return render_template("login.html", form=form)