def forgot_password():
form = ForgotPasswordForm(request.form)
if form.validate_on_submit():
email = form.email.data.strip().lower()
flash(
"If your email is correct, you are going to receive an email to reset your password",
"success",
)
user = User.get_by(email=email)
if user:
send_reset_password_email(user)
return redirect(url_for("auth.forgot_password"))
return render_template("auth/forgot_password.html", form=form)
def forgot_password():
form = ForgotPasswordForm(request.form)
if form.validate_on_submit():
email = form.email.data
user = User.get_by(email=email)
if not user:
error = "No such user, are you sure the email is correct?"
return render_template("auth/forgot_password.html",
form=form,
error=error)
send_reset_password_email(user)
return redirect(url_for("auth.forgot_password"))
return render_template("auth/forgot_password.html", form=form)
def forgot_password():
form = ForgotPasswordForm(request.form)
if form.validate_on_submit():
email = sanitize_email(form.email.data)
flash(
"If your email is correct, you are going to receive an email to reset your password",
"success",
)
user = User.get_by(email=email)
if user:
send_reset_password_email(user)
return redirect(url_for("auth.forgot_password"))
# Trigger rate limiter
g.deduct_limit = True
return render_template("auth/forgot_password.html", form=form)
def forgot_password():
"""
User forgot password
Input:
email
Output:
200 and a reset password email is sent to user
400 if email not exist
"""
data = request.get_json()
if not data or not data.get("email"):
return jsonify(error="request body must contain email"), 400
email = sanitize_email(data.get("email"))
user = User.get_by(email=email)
if user:
send_reset_password_email(user)
return jsonify(ok=True)
