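def update_password():
    """Let the signed-in user change their own password.

    A GET request (or a submission that fails validation) renders the form
    together with the user's notifications. A submission is acted on only
    when the form validates, the current password matches and the new
    password passes ``is_strong``; every outcome is reported with a flash
    message followed by a redirect.
    """
    form = UpdatePasswordForm()

    # Gate on validate_on_submit() alone. Also accepting a bare
    # `request.method == "POST"` would process submissions whose field
    # validators (and the form's CSRF token check, when CSRF protection is
    # enabled) had failed.
    if form.validate_on_submit():
        user = User.query.get_or_404(current_user.id)

        # Re-authenticate with the current password before changing anything.
        if not user.check_password(form.curr_pass.data):
            flash("Incorrect Password!")
            return redirect(url_for('user.update_password'))

        if not is_strong(form.password.data):
            flash(
                'Use a strong password (1 Upper and 1 lower case characters, 1 number, 1 symbol and minimum length of 6)'
            )
            return redirect(url_for('user.update_password'))

        user.password_hash = User.gen_pass(form.password.data)
        db.session.commit()
        # NOTE(review): nothing in this view invalidates the user's other
        # sessions after the change - confirm whether that happens elsewhere.
        flash('Password Updated!')
        return redirect(url_for('user.account'))

    # Newest notifications first, for the page chrome.
    notifs = (
        Notifications.query
        .filter_by(user_id=current_user.id)
        .order_by(Notifications.date.desc())
        .all()
    )
    return render_template('update-pass.html', form=form, notifs=notifs)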
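def change_password(token):
    """Reset a password through the signed link from the "Forgot Password" flow.

    ``token`` is decoded with the 'forgot-confirm' salt and rejected once it
    is older than two days. An expired link sends the visitor back to the
    forgot-password page; any other decoding failure, or a token whose e-mail
    matches no account, is reported as an invalid token. With a valid token
    the reset form is rendered, and a validated submission carrying a strong
    password stores the new hash and signs the user in.
    """
    # Only the token decoding sits inside the try block, so database or
    # template errors are not misreported to the visitor as "Invalid Token".
    try:
        email = serializer.loads(token, salt='forgot-confirm', max_age=(86400 * 2))
    except SignatureExpired:
        flash(
            'Activation Link has expired. Please create go through the "Forgot Password" Process again!'
        )
        return redirect(url_for('user.forgot_password'))
    except Exception:
        # Anything else raised while decoding means the token is malformed,
        # was altered, or was signed for a different purpose.
        flash('Invalid Token')
        return redirect(url_for('core.index'))

    user = User.query.filter_by(email=email).first()
    if user is None:
        # Validly signed token, but no account with that e-mail exists.
        flash('Invalid Token')
        return redirect(url_for('core.index'))

    form = ChangePasswordForm()

    # Gate on validate_on_submit() alone. Also accepting a bare
    # `request.method == "POST"` would process submissions whose field
    # validators (and the form's CSRF token check, when CSRF protection is
    # enabled) had failed.
    if form.validate_on_submit():
        if not is_strong(form.password.data):
            flash(
                "Use a strong password (1 Upper and 1 lower case characters, 1 number, 1 symbol and minimum length of 6)"
            )
            return redirect(url_for('user.change_password', token=token))

        user.password_hash = User.gen_pass(form.password.data)
        db.session.commit()

        # Sign the user in only once the reset has completed. Creating the
        # session as soon as the link is opened would hand a permanent
        # session to whoever holds the link, without any password being set.
        login_user(user)
        session.permanent = True
        # NOTE(review): nothing here marks the token as used, so the link
        # appears to stay valid until it expires - confirm whether reset
        # tokens should be single-use.
        flash("Password Reset!")
        return redirect(url_for('core.index'))

    return render_template('pass-reset.html', form=form)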