def activate_account(token: bytes) -> str:
    """Mark the account named by an activation token as active.

    A visitor who is already signed in is sent to the main index without
    the token being examined. Otherwise the ``id`` entry of the mapping
    returned by ``verify_token`` selects the user; when one is found it is
    flagged active and the visitor is redirected to the login page.

    Args:
        token: Activation token taken from the link.

    Returns:
        The result of ``redirect(...)`` for the chosen destination.
    """
    if current_user.is_authenticated:
        return redirect(url_for("main.index"))

    claims = verify_token(token)
    account = User.get_user(claims.get("id", None))
    if not account:
        # Any lookup that yields no user gets the same generic message,
        # so the response does not say why the link was refused.
        flash("The activation link is invalid.")
        return redirect(url_for("main.index"))

    # NOTE(review): nothing in this function marks the token as used or
    # checks its age; lifetime and single-use enforcement, if any, must
    # live in verify_token -- confirm.
    account.is_active = True
    db.session.commit()
    flash("You have activated your account successfully.")
    return redirect(url_for("auth.login"))
def test_token():
    """Check token round trips and the handling of an unissued value.

    Covers a token carrying two entries, a token carrying one entry, and
    a byte string that ``get_confirmation_token`` never produced.
    """
    # Two entries survive a round trip through issue and verify.
    decoded = verify_token(get_confirmation_token(_id=1, text="test_text"))
    user_id = decoded.get("_id", None)
    note = decoded.get("text", None)
    assert user_id == 1
    assert note == "test_text"

    # A single entry round-trips as well.
    decoded = verify_token(get_confirmation_token(_id=5))
    user_id = decoded.get("_id", None)
    assert user_id == 5

    # A value that was never issued must not yield an id.
    rejected = verify_token(b"wrong_token")
    user_id = rejected.get("_id", None)
    assert not user_id

    # Same input again, this time checking both entries are absent.
    # NOTE(review): only a malformed value is exercised here; an expired
    # token or a validly formatted token with an altered payload is not
    # covered by this test.
    rejected = verify_token(b"wrong_token")
    user_id = rejected.get("_id", None)
    note = rejected.get("text", None)
    assert not user_id
    assert not note
def reset_password() -> str:
    """Let the holder of a reset token choose a new password.

    Signed-in visitors and tokens that resolve to no user are redirected
    to the main index. Otherwise a ``ChangePasswordForm`` is shown, and a
    valid submission stores the new password and redirects to the login
    page.

    Returns:
        A redirect, or the rendered ``auth/form.html`` template.
    """
    if current_user.is_authenticated:
        return redirect(url_for("main.index"))

    # NOTE(review): the token is read from the query string, so it can be
    # recorded wherever full URLs are kept (access logs, browser history,
    # Referer headers). A missing parameter reaches verify_token as None;
    # confirm that verify_token tolerates that.
    raw_token = request.args.get("token")
    claims = verify_token(raw_token)
    account = User.get_user(claims.get("id", None))
    if not account:
        return redirect(url_for("main.index"))

    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template("auth/form.html", title="Change Password", form=form)

    # NOTE(review): nothing here invalidates the token once the password
    # has changed; unless verify_token enforces expiry or single use, the
    # same link can be replayed -- confirm.
    account.set_password(form.password.data)
    db.session.commit()
    flash("Your password has been reset.")
    return redirect(url_for("auth.login"))
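def confirm_email(token):
    """Confirm the account whose e-mail address the token resolves to.

    The value returned by ``verify_token`` is used directly as the e-mail
    address to look up. An account that is already confirmed only gets a
    notice; otherwise it is marked confirmed and committed. Both outcomes
    redirect to the main index. Any failure along the way is reported as
    an invalid or expired link and redirects to ``auth.unconfirmed``.

    Args:
        token: Confirmation token taken from the link.

    Returns:
        The result of ``redirect(...)`` for the chosen destination.
    """
    try:
        email = verify_token(token)
        # NOTE(review): the lookup is keyed only on the token's address;
        # nothing here ties it to the visitor's own session -- confirm
        # whether the route is login-protected and whether that matters.
        user = User.query.filter_by(email=email).first_or_404()
        if user.confirmed:
            flash('Account is already confirmed. Please login.', 'success')
        else:
            user.confirmed = True
            db.session.add(user)
            db.session.commit()
            flash('You have been confirmed. Thanks!', 'success')
        return redirect(url_for('main.index'))
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt. The 404 from first_or_404 is still caught
        # here, so an unknown address and a bad token produce the same
        # generic message.
        flash('The confirmation link is invalid or has expired', 'danger')
        return redirect(url_for('auth.unconfirmed'))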
def complete_registration() -> str:
    """Let the holder of a registration token finish setting up an account.

    Signed-in visitors and tokens that resolve to no user are redirected
    to the main index. Otherwise a ``CompleteRegistrationForm`` is shown,
    and a valid submission stores the username and password, activates
    the account and redirects to the login page.

    Returns:
        A redirect, or the rendered ``auth/form.html`` template.
    """
    if current_user.is_authenticated:
        return redirect(url_for("main.index"))

    # NOTE(review): the token is read from the query string, so it can be
    # recorded wherever full URLs are kept. A missing parameter reaches
    # verify_token as None; confirm that verify_token tolerates that.
    raw_token = request.args.get("token")
    claims = verify_token(raw_token)
    account = User.get_user(claims.get("id", None))
    if not account:
        return redirect(url_for("main.index"))

    form = CompleteRegistrationForm()
    if not form.validate_on_submit():
        return render_template("auth/form.html", title="Complete Registration", form=form)

    # NOTE(review): nothing here checks whether the account was already
    # completed, so while the token verifies the link can overwrite the
    # username and password again -- confirm that verify_token or the
    # form rules this out. A commit failure (for example a duplicate
    # username, if that column is unique) is not handled in this function.
    account.username = form.username.data
    account.set_password(form.password.data)
    account.is_active = True
    db.session.commit()
    flash("You have successfully complete the registration.")
    return redirect(url_for("auth.login"))
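def activate_email(token: bytes):
    """Apply an e-mail change carried by a token to the signed-in user.

    The mapping returned by ``verify_token`` must contain an ``email``
    entry, and its ``id`` entry must resolve to the user who is currently
    signed in. Only then is the new address stored. Every rejected link
    now produces the same "invalid" message, so no failure path is silent
    and the response does not reveal which check failed.

    Args:
        token: E-mail change token taken from the link.

    Returns:
        A redirect to the signed-in user's page.
    """
    claims = verify_token(token)
    new_email = claims.get("email", None)

    # The user is looked up only when the token carries an address.
    user = User.get_user(claims.get("id", None)) if new_email else None

    # A token issued for another account must not change this one.
    if new_email and user == current_user:
        user.email = new_email
        try:
            db.session.commit()
        except IntegrityError:
            # Presumably the address is already in use (unique
            # constraint) -- confirm against the model. The rollback
            # discards the pending change.
            db.session.rollback()
            flash("You can not set this email address.")
        else:
            flash("You confirm your new email address.")
    else:
        flash("The email changing link is invalid.")

    # NOTE(review): current_user.username is read unconditionally, so
    # this view needs a signed-in user; confirm the route is
    # login-protected (its decorators are not visible here).
    return redirect(url_for("main.user", username=current_user.username))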