def post(self, email): """Verify reset and set new password.""" # TODO: Move to controller data = flask.request.get_json() user = models.User.get_by_email(email) if not user: flask.abort(404) if not user.verify_token(data.get('token', '')): raise errors.AccessDeniedError('Invalid token.') if data['password'] != data['password2']: raise errors.ValidationError("Passwords don't match.") user.set_password(data['password']) models.commit() controllers.user_login(email, data['password']) return {'message': 'Password reset.'}
def post(self): """Login a user.""" data = flask.request.get_json() user = controllers.user_login(data['email'], data['password']) if not user: raise errors.LoginError('Invalid username/password') return dict(user=user, team=user.team)