示例#1
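def update_password():
    """Change the logged-in user's password after they re-enter the current one.

    GET (or a POST that fails form validation) renders ``update-pass.html``
    with the form and the user's notifications, newest first. A validated
    POST checks the current password, applies the ``is_strong`` policy to the
    new one, stores the new hash and redirects to the account page; either
    check failing flashes a message and redirects back to this view.

    NOTE(review): the route and any ``login_required`` decorator are not
    visible in this excerpt; ``current_user.id`` assumes an authenticated
    user -- confirm the view is protected.
    """
    form = UpdatePasswordForm()

    # Act only on a submission that passed form validation. The previous
    # condition also accepted any POST (`or request.method == "POST"`), which
    # skipped every field validator and, assuming this is a Flask-WTF form,
    # the CSRF token check on a credential-changing request.
    # NOTE(review): the template must render the form's CSRF field
    # (e.g. form.hidden_tag()) for legitimate submissions to validate.
    if form.validate_on_submit():
        user = User.query.get_or_404(current_user.id)

        # Re-authenticate: the caller must know the current password.
        if not user.check_password(form.curr_pass.data):
            flash("Incorrect Password!")
            return redirect(url_for('user.update_password'))

        if not is_strong(form.password.data):
            flash(
                'Use a strong password (1 Upper and 1 lower case characters, 1 number, 1 symbol and minimum length of 6)'
            )
            return redirect(url_for('user.update_password'))

        user.password_hash = User.gen_pass(form.password.data)
        db.session.commit()
        flash('Password Updated!')
        return redirect(url_for('user.account'))

    notifs = Notifications.query.filter_by(user_id=current_user.id).order_by(
        Notifications.date.desc()).all()

    return render_template('update-pass.html', form=form, notifs=notifs)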
示例#2
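def change_password(token):
    """Complete a "forgot password" reset using a signed, time-limited token.

    The token is decoded with ``serializer`` (salt ``forgot-confirm``, valid
    for two days) and yields the account's e-mail address. An expired token
    redirects to the forgot-password view; any other decoding failure, or a
    token whose e-mail matches no user, flashes 'Invalid Token' and redirects
    to the index. GET (or a POST that fails form validation) renders
    ``pass-reset.html``; a validated POST with a password accepted by
    ``is_strong`` stores the new hash, logs the user in and redirects to the
    index.

    Args:
        token: the signed reset token taken from the URL (untrusted input).
    """
    # Keep the try body to the decode call so that unrelated failures
    # (database errors, template errors) are not reported as a bad token.
    try:
        email = serializer.loads(token,
                                 salt='forgot-confirm',
                                 max_age=(86400 * 2))
    except SignatureExpired:
        # Signature is genuine but older than max_age: send the user back to
        # request a fresh link. (The old code re-decoded the token and
        # re-queried the user here without using either result.)
        flash(
            'Activation Link has expired. Please create go through the "Forgot Password" Process again!'
        )
        return redirect(url_for('user.forgot_password'))
    except Exception:
        # Replaces a bare `except:` that also swallowed SystemExit and
        # KeyboardInterrupt. Kept broad because only SignatureExpired is
        # known to be imported in this file; it now guards the decode alone.
        flash('Invalid Token')
        return redirect(url_for('core.index'))

    user = User.query.filter_by(email=email).first()
    if user is None:
        # Valid signature but no matching account (deleted or e-mail changed).
        # Previously this surfaced as an exception inside login_user().
        flash('Invalid Token')
        return redirect(url_for('core.index'))

    form = ChangePasswordForm()

    # Act only on a submission that passed form validation. The previous
    # condition also accepted any POST (`or request.method == "POST"`), which
    # skipped the field validators and, assuming this is a Flask-WTF form,
    # the CSRF token check.
    if form.validate_on_submit():
        if not is_strong(form.password.data):
            flash(
                "Use a strong password (1 Upper and 1 lower case characters, 1 number, 1 symbol and minimum length of 6)"
            )
            return redirect(url_for('user.change_password', token=token))

        user.password_hash = User.gen_pass(form.password.data)
        db.session.commit()

        # Establish the session only after the password has actually been
        # reset. The old code called login_user() on every request, including
        # a plain GET, so merely opening the link granted a permanent
        # authenticated session for the token's full two-day lifetime.
        login_user(user)
        session.permanent = True

        flash("Password Reset!")
        return redirect(url_for('core.index'))

    # NOTE(review): nothing visible here invalidates the token after a
    # successful reset, so it appears reusable until it expires; consider
    # binding it to per-user state that changes when the password changes.
    return render_template('pass-reset.html', form=form)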