def confirm(code):
    """Mark a user's email address as confirmed from a signed token.

    ``code`` is decoded with ``token.decode`` under the email-confirmation
    salt, and the decoded value is used as the email address to look up.
    Any decoding failure, an empty result, or an unknown address ends in a
    404. The same happens when email confirmation is switched off in
    ``constants``.

    On success the matching user gets ``email_confirmed = True`` and the
    visitor is redirected: to the dashboard when already logged in as that
    user, otherwise to the login page.
    """
    if not constants.REQUIRE_EMAIL_CONFIRMATION:
        abort(404)

    # NOTE(review): whether token.decode enforces a maximum token age is not
    # visible from this function. Confirm it in the token helper.
    try:
        confirmed_email = token.decode(
            code, salt=constants.EMAIL_CONFIRMATION_SALT)
    except Exception:
        # Every decode failure is treated the same way: no email recovered.
        confirmed_email = None

    if not confirmed_email:
        # TODO: Render a nice error page here.
        return abort(404)

    account = User.query.filter_by(email=confirmed_email).first()
    if not account:
        return abort(404)

    account.email_confirmed = True
    db.session.commit()

    # The token only proves control of the mailbox. It does not log anyone
    # in, so a visitor who is not already this user is sent to the login page.
    if current_user == account:
        message, endpoint = 'Succesfully confirmed your email', "dashboard.home"
    else:
        message, endpoint = (
            'Confirmed your email. Please login to continue', "auth.login")

    flash(message, 'success')
    return redirect(url_for(endpoint))
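def reset_password(code):
    """Let a logged-out visitor set a new password using a signed reset token.

    ``code`` is decoded with ``token.decode`` under the password-reset salt,
    and the decoded value is used as the account's email address. A token
    that fails to decode, decodes to an empty value, or names an address
    with no matching user yields a 403. Logged-in users are sent back to the
    dashboard with a warning.

    On a valid form submission the password is replaced, the user is logged
    in, and the response redirects to the ``next`` query parameter when it
    is a local path, otherwise to the dashboard. Without a valid submission
    the reset form is rendered.
    """
    # Function-scope import keeps this view self-contained.
    from urllib.parse import urlparse

    if not current_user.is_anonymous:
        flash('You must be logged out to reset your password', 'warning')
        return redirect(url_for("dashboard_home.index"))

    # NOTE(review): neither token expiry nor single use is visible from this
    # function. Confirm that token.decode enforces a maximum age and that a
    # reset link stops working once the password has been changed.
    try:
        email = token.decode(code, salt=constants.PASSWORD_RESET_SALT)
    except Exception:
        email = None
    if not email:
        return abort(403)

    form = ChangePasswordForm()
    if not form.validate_on_submit():
        return render_template("auth/reset_password.html", form=form)

    # .first() plus an explicit 403 replaces .one(): a token whose account
    # no longer exists is rejected like any other invalid token instead of
    # surfacing as an unhandled exception (HTTP 500).
    user = User.query.filter_by(email=email).first()
    if user is None:
        return abort(403)

    # NOTE(review): presumably User.password is a setter that hashes the
    # value before it is stored. Verify against the model.
    user.password = form.password.data
    db.session.commit()
    login_user(user)
    flash("Changed your password succesfully", "success")

    # "next" comes from the query string and is caller-controlled. Only a
    # site-local absolute path is followed, so a crafted reset link cannot
    # send a freshly authenticated user to another origin. Absolute URLs,
    # including same-host ones, now fall back to the dashboard.
    next_url = request.args.get("next")
    if next_url:
        is_local_path = (
            next_url.startswith("/")
            and not next_url.startswith("//")
            # Backslashes and control characters are rejected because URL
            # normalisation can turn them into a host component.
            and "\\" not in next_url
            and not any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in next_url)
        )
        if is_local_path:
            try:
                parts = urlparse(next_url)
            except ValueError:
                is_local_path = False
            else:
                is_local_path = not parts.scheme and not parts.netloc
        if not is_local_path:
            next_url = None

    # NOTE(review): confirm() in this file redirects to "dashboard.home"
    # while this view uses "dashboard_home.index". Verify that both
    # endpoints are registered.
    return redirect(next_url or url_for("dashboard_home.index"))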