def activate_account(token: bytes) -> str:
if current_user.is_authenticated:
return redirect(url_for("main.index"))
_id = verify_token(token).get("id", None)
user = User.get_user(_id)
if user:
user.is_active = True
db.session.commit()
flash("You have activated your account successfully.")
return redirect(url_for("auth.login"))
flash("The activation link is invalid.")
return redirect(url_for("main.index"))
def test_token():
token = get_confirmation_token(_id=1, text="test_text")
token = verify_token(token)
_id = token.get("_id", None)
text = token.get("text", None)
assert _id == 1
assert text == "test_text"
token = get_confirmation_token(_id=5)
token = verify_token(token)
_id = token.get("_id", None)
assert _id == 5
token = verify_token(b"wrong_token")
_id = token.get("_id", None)
assert not _id
token = verify_token(b"wrong_token")
_id = token.get("_id", None)
text = token.get("text", None)
assert not _id
assert not text
def reset_password() -> str:
if current_user.is_authenticated:
return redirect(url_for("main.index"))
token = request.args.get("token")
_id = verify_token(token).get("id", None)
user = User.get_user(_id)
if not user:
return redirect(url_for("main.index"))
form = ChangePasswordForm()
if form.validate_on_submit():
user.set_password(form.password.data)
db.session.commit()
flash("Your password has been reset.")
return redirect(url_for("auth.login"))
return render_template("auth/form.html", title="Change Password", form=form)
def confirm_email(token):
try:
email = verify_token(token)
user = User.query.filter_by(email=email).first_or_404()
if user.confirmed:
flash('Account is already confirmed. Please login.', 'success')
else:
user.confirmed = True
db.session.add(user)
db.session.commit()
flash('You have been confirmed. Thanks!', 'success')
return redirect(url_for('main.index'))
except:
flash('The confirmation link is invalid or has expired', 'danger')
return redirect(url_for('auth.unconfirmed'))
def complete_registration() -> str:
if current_user.is_authenticated:
return redirect(url_for("main.index"))
token = request.args.get("token")
_id = verify_token(token).get("id", None)
user = User.get_user(_id)
if not user:
return redirect(url_for("main.index"))
form = CompleteRegistrationForm()
if form.validate_on_submit():
user.username = form.username.data
user.set_password(form.password.data)
user.is_active = True
db.session.commit()
flash("You have successfully complete the registration.")
return redirect(url_for("auth.login"))
return render_template("auth/form.html", title="Complete Registration", form=form)
def activate_email(token: bytes):
token = verify_token(token)
_id = token.get("id", None)
email = token.get("email", None)
if email:
user = User.get_user(_id)
if user == current_user:
user.email = email
try:
db.session.commit()
except IntegrityError:
db.session.rollback()
flash("You can not set this email address.")
else:
flash("You confirm your new email address.")
else:
flash("The email changing link is invalid.")
return redirect(url_for("main.user", username=current_user.username))