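def reset_password_link_page(urlsafe_string):
    """Render and process the password-reset form behind a temporary URL.

    ``urlsafe_string`` is converted with ``int()`` and used as the id of a
    ``TemporaryUrl`` record. A failed lookup, an inactive link and a link
    without a user key all produce the same not-found page with status 404,
    so the response does not say why a link was refused. On a valid
    submission the new password is hashed and stored, the link is marked
    ``isValid = False`` and the browser is redirected to the home page.
    """
    try:
        temp_url = TemporaryUrl.get_by_id(int(urlsafe_string))
    except Exception as e:
        # Covers a non-numeric id as well as errors raised by the lookup.
        logging.info(e)
        return render_template('not_found_page.html'), 404

    # A lookup that matches nothing may return None instead of raising
    # (presumably the case for this get_by_id; confirm). Without this guard
    # the isActive() call below would fail with AttributeError and the
    # request would end in a 500 instead of the uniform 404.
    if temp_url is None:
        logging.info('password reset link not found')
        return render_template('not_found_page.html'), 404

    if not temp_url.isActive():
        logging.info('password reset link expired')
        return render_template('not_found_page.html'), 404

    if not temp_url.user_key:
        logging.info('Reset link with no user key')
        return render_template('not_found_page.html'), 404

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = temp_url.user_key.get()
        if user is None:
            # The key may point at an account that no longer exists.
            logging.info('Reset link for a user that no longer exists')
            return render_template('not_found_page.html'), 404
        user.password = generate_password_hash(form.password.data)
        user.put()
        # Retire the link after use.
        # NOTE(review): confirm isActive() takes isValid into account,
        # otherwise the link stays usable after this write.
        temp_url.isValid = False
        temp_url.put()
        return redirect(url_for('web_app.home_page'))

    return render_template('reset_password_link_page.html', form=form,
                           urlsafe_string=urlsafe_string)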
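def resetpassword():
    """Change a user's password after checking the current one.

    GET renders ``modify.html``. Any other method validates the form, checks
    that a row exists for the submitted user id and current password, and if
    so writes the new password; the outcome is flashed and the browser is
    redirected to ``show_todo_list``.

    Both statements bind the submitted values as query parameters. Building
    them with ``str.format`` let form input become part of the SQL text.
    In the listing this function was taken from, the password slot of both
    statements is masked as ``******``; the ``format`` calls pass the
    submitted passwords in those positions, so they are bound here.
    """
    form = ResetPasswordForm()
    if request.method == 'GET':
        return render_template('modify.html', form=form)

    if form.validate_on_submit():
        # NOTE(review): "%s" is the DB-API "format" paramstyle; confirm it
        # matches the driver behind g.db (some drivers expect "?").
        with g.db as cur:
            cur.execute(
                'select * from usertable where user_id=%s and user_password=%s',
                (form.user_id.data, form.user_password.data))
            matches = cur.fetchall()
        if not matches:
            flash('Invalid!')
        else:
            # NOTE(review): the password is compared and stored as submitted;
            # no hashing is visible in this function. Confirm whether the
            # table is meant to hold password hashes.
            with g.db as cur:
                cur.execute(
                    'update usertable set user_password=%s where user_id=%s',
                    (form.user_newpassword.data, form.user_id.data))
            flash('You have resetpassword!')
    else:
        flash(form.errors)
    return redirect(url_for('show_todo_list'))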
def password_reset(token):
    """Let the user behind a confirmed reset token choose a new password.

    The token is resolved to an email by ``confirm_token``. The form is only
    offered when a user with that email exists and its ``reset`` flag is set;
    otherwise an "invalid or expired" message is flashed and the browser is
    sent to the homepage. A valid submission stores the bcrypt hash and
    clears the ``reset`` flag.
    """
    account = User.query.filter_by(email=confirm_token(token)).first()
    if not (account and account.reset):
        flash('The reset password link is invalid or has expired.', 'danger')
        return redirect(url_for('homepage'))

    form = ResetPasswordForm(request.form)
    page = dict(
        page_title='Reset Password',
        form_title='Reset Your Password',
        action=url_for('password_reset', token=token),
        primary_button='Submit',
        links=[('Need help?', '#')],
    )
    if not form.validate_on_submit():
        return render_template('formbuilder.html', form=form, **page)

    account.password = bcrypt.generate_password_hash(form.password.data)
    # Clearing the flag makes the first branch reject this link next time.
    account.reset = False
    db.session.commit()
    flash(
        'Your password has been successfully reset. You can log in now.',
        'success')
    return redirect(url_for('homepage'))
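def reset_token(token):
    '''Store a new password for the account named in the session.

    The reset token is verified first; a failed check flashes a warning and
    redirects to ``forgot_password``. On a valid form submission the bcrypt
    hash of the submitted password is written to the USERS row whose Email
    equals ``session['username']``.

    Changes from the earlier version: the database connection is opened only
    when it is needed and is always closed, the single query parameter is
    passed as a real one-element tuple, and a missing session entry is
    treated like an unusable link instead of raising KeyError.
    '''
    valid = verify_reset_token(token)
    if valid is False:
        flash('This URL has expired', 'warning')
        return redirect(url_for('forgot_password'))

    # NOTE(review): the account that gets updated comes from the session, not
    # from the token. Nothing visible here ties the verified token to this
    # username; confirm verify_reset_token's result is bound to the account.
    username = session.get('username')
    if not username:
        flash('This URL has expired', 'warning')
        return redirect(url_for('forgot_password'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        password = bcrypt.generate_password_hash(
            str(request.form['password'])).decode('utf-8')
        con = mysql.connect()
        try:
            cursor = con.cursor()
            # (username,) is a tuple; (username) is just a parenthesised str.
            res = cursor.execute("SELECT * from USERS WHERE Email = %s;",
                                 (username,))
            if int(res) > 0:
                cursor.execute("UPDATE USERS SET Password = %s WHERE Email = %s",
                               (password, username))
                con.commit()
                flash('Your password has been updated!', 'success')
                return redirect(url_for('login'))
            print("Record Not found")
            flash("Email id does not exist", "error")
        finally:
            # Runs on every path, including the early return above.
            con.close()
    return render_template('reset_token.html', title='Reset Password',
                           form=form)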
def reset_password():
    """Change the signed-in user's password after checking the current one.

    Every path ends with a redirect to ``/account_settings``; the flashed
    message tells the user whether the form was rejected, the current
    password was wrong, or the update went through.
    """
    settings_page = "/account_settings"
    form = ResetPasswordForm()

    if not form.validate_on_submit():
        flash("Sorry, we're unable to reset your password.", 'danger')
        return redirect(settings_page)

    # Fetch the stored hash for the user id held in the session.
    rows = db.execute("SELECT * FROM user WHERE user_id = :user_id",
                      user_id=session.get("user_id"))

    # The current password must match before anything is written.
    if not check_password_hash(rows[0]["hashed_pw"],
                               form.current_password.data):
        flash('Current Password is invalid. Please re-enter', 'danger')
        return redirect(settings_page)

    new_hash = generate_password_hash(form.new_password.data)
    db.execute(
        "UPDATE user SET hashed_pw = :hashed_pw WHERE user_id = :user_id",
        user_id=int(session.get("user_id")), hashed_pw=new_hash)
    flash('Password has been updated successfully!', 'success')
    return redirect(settings_page)
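def reset_password():
    """Show and process the reset form for a ``forgotPasswordToken``.

    GET looks the token up and renders the form, or aborts with 404. POST
    validates the form, looks the token up again, sets the new password and
    clears the stored token. Anything else ends in 405.

    Changes from the earlier version:

    * A missing or empty token is rejected before any lookup. Consumed
      tokens are stored as the empty string (see below) and a missing
      parameter arrives as ``None``, so either value used as a lookup key
      could match an account that never requested this reset.
    * A password / retype mismatch now stops the request; previously the
      message was flashed and the password was changed anyway.
    * A POST without a ``token`` field no longer raises AttributeError.
    """
    form = ResetPasswordForm()

    if request.method == 'GET':
        forgot_password_token = request.args.get('token')
        if not forgot_password_token:
            abort(404)
        user = User.query.filter(
            User.forgotPasswordToken == forgot_password_token).first()
        if not user:
            abort(404)
        return render_template('reset_password.html', form=form,
                               token=user.forgotPasswordToken)

    if request.method == 'POST':
        if form.validate_on_submit():
            submitted_token = (request.form.get('token') or '').strip()
            if not submitted_token:
                abort(404)
            user = User.query.filter(
                User.forgotPasswordToken == submitted_token).first()
            if not user:
                abort(404)
            if form.password.data != form.retype_password.data:
                flash("Entered passwords did not match")
                return render_template('reset_password.html', form=form,
                                       token=user.forgotPasswordToken)
            user.set_password(form.retype_password.data)
            # Single use: the stored token is blanked once it has been spent.
            user.forgotPasswordToken = ""
            db.session.commit()
            return redirect(url_for("api.home"))

    abort(405)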
def reset_token(token):
    """Handle the page reached through a reset token.

    Signed-in users are redirected to ``admin``. An invalid or expired token
    flashes a warning and redirects to ``reset_request``. On a valid form
    submission a ``Register`` row is created from the form fields and the
    browser is sent to ``customerLogin``.

    NOTE(review): the user returned by the token check is only tested for
    None. The submission adds a new ``Register`` record instead of updating
    that user's password, and ``password`` is passed as submitted (no hashing
    is visible here). Confirm this is intended and not the registration
    handler copied into the reset view.
    """
    if current_user.is_authenticated:
        return redirect(url_for('admin'))

    token_owner = User.varify_reset_token(token)
    if token_owner is None:
        flash('that is invalid or expired token ', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('customer/reset_token.html',
                               title='Reset Password', form=form)

    new_record = Register(
        name=form.name.data,
        username=form.username.data,
        email=form.email.data,
        password=form.password.data,
        country=form.country.data,
        city=form.city.data,
        contact=form.contact.data,
        address=form.address.data,
        zipcode=form.zipcode.data,
    )
    db.session.add(new_record)
    flash(f'Welcome {form.name.data} Thank you for registering', 'success')
    db.session.commit()
    return redirect(url_for('customerLogin'))
def reset():
    """Reset a password using the signed token in the ``token`` query argument.

    A missing token is logged and answered with 404. An expired or badly
    signed token is logged, flashed and redirected to ``main.index``. On a
    valid form submission the password is changed, the user is logged in and
    redirected to ``dash.index``.
    """
    token = request.args.get('token')
    if not token:
        log_message(f'no token attempted reset')
        abort(404)

    home = 'main.index'
    # The expired case is listed first so it is not absorbed by the more
    # general bad-signature handler.
    try:
        user = User.deserialize(token)
    except SignatureExpired:
        flash('Expired Token', 'danger')
        log_message('expired token reset attempt')
        return redirect(url_for(home))
    except BadSignature:
        flash('Invalid token', 'danger')
        log_message('bad signature reset attempt')
        return redirect(url_for(home))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset.html.j2', form=form)

    # The audit line is written before the change is applied and committed.
    log_message(f'user_id: {user.id} changed password')
    user.change_password(form.password.data)
    db.session.add(user)
    db.session.commit()
    flash('Password reset', 'success')
    login_user(user)
    return redirect(url_for('dash.index'))
def reset_password(serialized_token):
    """Reset a password through a serialized 'reset' token.

    ``unserialize_token`` yields ``(expired, invalid, user)``. An expired or
    invalid token flashes the matching message and redirects to ``.index``.
    Otherwise the form is shown with the login pre-filled; a valid submission
    stores the new password hash and redirects to ``.login``. The first error
    of every failing field is flashed before the form is rendered again.
    """
    expired, invalid, user = unserialize_token(serialized_token, 'reset')
    for rejected, message_key in ((expired, 'LINK_EXPIRED'),
                                  (invalid, 'LINK_INVALID')):
        if rejected:
            flash(msgs[message_key], 'error')
            return redirect(url_for('.index'))

    form = ResetPasswordForm()
    form.login.data = user.login

    if form.validate_on_submit():
        user.passhash = encrypt_password(form.password.data)
        db.session.add(user)
        db.session.commit()
        # Presumably clears the password held by the form; confirm.
        form.dispose_password()
        flash(msgs['RESET_PASSWORD_SUCCESS'])
        return redirect(url_for('.login'))

    # The flashed text contains markup; the field name and the first error
    # message are concatenated into it as they are.
    for field in form.errors:
        first_error = form.errors[field][0]
        flash('<strong>' + field.capitalize() + '</strong>: ' + first_error,
              'error')
    return render_template('reset_password.html', form=form,
                           serialized_token=serialized_token)
def post(self, token):
    """Apply a submitted new password for ``token`` and render the reset page.

    When the form validates, the token and the new password are handed to
    ``updatePassword``. The reset page is returned with status 200 and an
    HTML content type whether or not the form validated.

    NOTE(review): the token is not checked in this method; presumably
    ``updatePassword`` verifies it. Confirm.
    """
    form = ResetPasswordForm()
    if form.validate_on_submit():
        updatePassword(token, form.password.data)

    page = render_template('reset_password.html', form=form)
    html_headers = {'Content-Type': 'text/html'}
    return make_response(page, 200, html_headers)
def reset_password(username):
    """Set a new password for ``username`` from a validated form, then go to /login.

    NOTE(review): the account is selected by the ``username`` argument alone.
    No token, current-password or session check is visible in this function;
    confirm the route is protected elsewhere (for example by a decorator).
    """
    form = ResetPasswordForm()
    if form.validate_on_submit():
        new_password = form.password.data
        User.update_password(username, new_password)
    return redirect('/login')
def forgotten_password():
    """Send a reset mail when the submitted username and email belong together.

    The user is looked up by name; ``retrieve_user_by_name`` signals a miss
    with the string ``'unknown user'``. The mail is sent only when the user
    exists and the stored email equals the submitted one.

    NOTE(review): the two responses differ, so the page tells a visitor
    whether a username/email pair is registered.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('Forgotten_Password.html', form=form)

    registered_user = retrieve_user_by_name(username=form.username.data)
    is_known = registered_user != 'unknown user'
    if not (is_known and registered_user.email == form.email.data):
        return '<h1>username or email is not registered</h1>'

    send_mail(form.email.data, 'reset_password')
    return '<h1>A link has been sent to your registered email to reset your password</h1>'
def admin_reset_password():
    """Let the signed-in admin set a new password.

    The admin record is loaded by the current user's id, the hash of the
    submitted password is stored and ``is_pw_changed`` is set before the
    redirect to ``admin_dashboard``.
    """
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('admin/reset_password.html', form=form)

    admin = Admin.query.get(int(current_user.id))
    admin.password = generate_password_hash(form.password.data)
    # Records that the admin has chosen their own password.
    admin.is_pw_changed = True
    db.session.commit()
    return redirect(url_for('admin_dashboard'))
def password_reset():
    """Take an email address and mail a password-reset token to its owner.

    Signed-in users are redirected to ``index``. After a valid submission the
    same message is flashed whether or not the address matched an account;
    the mail itself is only sent when it did.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        account = UserData.query.filter_by(email=form.email.data).first()
        if account:
            reset_token = account.generate_password_reset()
            send_email(account.email, 'Forex Access Reset Your Password',
                       'email_password_reset', user=account,
                       token=reset_token)
        flash('Check Your email for the instructions to reset your password')
    return render_template('password_reset.html', form=form)
def reset_password(token):
    """Let the student identified by a reset token choose a new password.

    Signed-in users and requests whose token does not resolve to a student
    are redirected to ``index``. A valid submission stores the new password
    and redirects to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    student = Student.verify_reset_password_token(token)
    if not student:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    student.set_password(form.password.data)
    db.session.commit()
    flash('Your password has been reset.')
    return redirect(url_for('login'))
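def profile():
    """Profile page with two forms: change password and change username.

    Changing the password requires the stored security answer; changing the
    username requires the current password and a name that is not taken.
    Either change redirects to ``index`` on success and returns the text
    ``"Update error"`` when the commit fails.

    Changes from the earlier version: the new password is no longer printed
    to standard output, and a failed commit is rolled back and caught as
    ``Exception`` instead of by a bare ``except``.
    """
    password_reset_form = ResetPasswordForm()
    username_reset_form = ResetUsernameForm()
    existing_user = user.query.filter_by(email=current_user.email).first()
    security_question = security_question_dict[existing_user.security_question]
    existing_answer = existing_user.security_answer
    existing_password = existing_user.password

    if password_reset_form.validate_on_submit():
        security_answer = password_reset_form.security_answer.data
        new_password = password_reset_form.new_password.data
        if not check_password_hash(existing_answer, security_answer):
            flash("wrong security answer")
            return redirect(url_for('auth.profile'))
        # The plaintext password must not reach stdout or captured logs, so
        # the debugging print that stood here is gone.
        # NOTE(review): method='sha256' selects a weaker scheme than the
        # library default. It is left unchanged because a longer hash may not
        # fit the password column; review both together.
        existing_user.password = generate_password_hash(new_password,
                                                        method='sha256')
        try:
            db.session.commit()
        except Exception:
            # Leave the session usable for the next request.
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    if username_reset_form.validate_on_submit():
        old_password = username_reset_form.old_password.data
        new_username = username_reset_form.new_username.data
        if not check_password_hash(existing_password, old_password):
            flash("wrong password or security answer")
            return redirect(url_for('auth.profile'))
        user_already_exists = user.query.filter_by(
            username=new_username).first()
        if user_already_exists:
            flash("username is taken")
            return redirect(url_for('auth.profile'))
        existing_user.username = new_username
        try:
            db.session.commit()
        except Exception:
            db.session.rollback()
            return "Update error"
        return redirect(url_for('index'))

    return render_template('profile.html', current_user=current_user,
                           password_reset_form=password_reset_form,
                           username_reset_form=username_reset_form,
                           security_question=security_question)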
def reset_password():
    """Create a password reset key for the submitted email and mail it out.

    When the address belongs to a user, a reset key and a timer value are
    stored on the user, a mail with the key and a reset link is sent, and the
    browser is redirected to ``login``. An unknown address flashes a message
    and shows the form again.

    NOTE(review): the reset link is plain http and carries the email and the
    reset key in the query string; the key is also written in the mail body.
    ``reset_timer`` holds only the day of the month plus 100, so it cannot
    tell months apart. Both deserve a second look.
    """
    from datetime import datetime

    form = ResetPasswordForm()
    if form.validate_on_submit():
        # Look the account up by the submitted email address.
        account = User.query.filter_by(email=form.email.data).first()
        if account:
            reset_key = create_random_pwd()
            requested_at = datetime.now()

            account.reset_key = reset_key
            account.reset_timer = requested_at.day + 100  # day of month + 100

            reset_url = 'http://safety.americanpeptide.com/password_reset?email=%s&password_reset_key=%s' % (
                account.email, reset_key)
            flash("A password reset key has been created. Please check your email for the reset key to "
                  "change your password.")

            msg = Message('Your Password Reset Key.',
                          sender=('Safety Training Website', '*****@*****.**'),
                          recipients=[account.email])
            msg.html = """
            <h2>User Password Reset</h2>
            <p>Hello %s %s.</p>
            <p>You have requested to change your password for the email %s. If you did not request to change your password, please ignore this message.</p>
            <p>To change your password, click on the following link. Enter the password reset key then enter your new password.</p>
            <p>Your Password Reset Key is: <strong> %s </strong></p>
            <p><a href="%s">Click here to reset your password.</a></p>
            """ % (account.firstname, account.lastname, account.email,
                   reset_key, reset_url)
            # The mail goes out before the key is committed.
            mail.send(msg)
            db.session.commit()
            print("session commit user")
            return redirect(url_for('login'))
        else:
            flash("The email address that was entered is not valid. Please check the email and try again.")
    return render_template('reset_password.html', form=form)
def reset_password(token):
    """Reset a password from a token plus the email address typed into the form.

    Signed-in users go to ``main.index``. After a valid submission the user
    is looked up by the submitted email and ``User.reset_password`` is called
    with the token and the new password; a truthy result redirects to
    ``auth.login`` with a flashed message, anything else to ``main.index``.
    """
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    # An unknown email and a rejected token end on the same page.
    if account is None or not account.reset_password(token,
                                                     form.password.data):
        return redirect(url_for('main.index'))

    flash('You password have been update')
    return redirect(url_for('auth.login'))
def reset_password(token):
    """Let the user identified by a reset token choose a new password.

    Signed-in users are sent to their bookmarks; a token that does not
    resolve to a user redirects to the homepage. A valid submission passes
    the new password to the user object, commits and redirects to the login
    page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('profile.list_bookmarks'))

    account = User.verify_reset_password_token(token)
    if not account:
        return redirect(url_for('home.homepage'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('email/reset_password.html', form=form)

    # NOTE(review): ``password`` is called like a method here; confirm the
    # model defines it that way and not as an attribute or property.
    account.password(form.password.data)
    db.session.commit()
    flash('Your password has been reset.')
    return redirect(url_for('auth.login'))
def reset_token(token):
    """Set a new password for the user a reset token resolves to.

    Signed-in users are redirected to ``signup``. An invalid or expired token
    flashes a warning and redirects to ``reset_request``. A valid submission
    stores the hash of the new password and redirects to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('signup'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', form=form)

    account.password = generate_password_hash(form.password.data)
    db.session.commit()
    flash('Yor password has been updated!', 'success')
    return redirect(url_for('login'))
def reset_token(token):
    """Set a new password for the student a reset token resolves to.

    An invalid or expired token flashes a message and redirects to
    ``reset_request``. A valid submission stores the bcrypt hash of the new
    password (decoded to text) and redirects to ``login``.
    """
    student = Student.get_verify_token(token)
    if student is None:
        flash('Invalid or expired tokens', 'danger')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title='Reset password',
                               form=form)

    raw_hash = bcrypt.generate_password_hash(form.password.data)
    student.password = raw_hash.decode('utf-8')
    db.session.commit()
    flash('Your password has been updated', 'success')
    return redirect(url_for('login'))
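def reset_password(token):
    """Reset a password from a signed, time-limited token carrying an email.

    The token is accepted for 86400 seconds. An expired token returns
    ``'Token Expired'``. A token that fails verification for any other
    reason, or whose email matches no user, returns
    ``'Password Reset Link Expired'``. Otherwise the form is shown and a
    valid submission stores the new password hash.

    Change from the earlier version: a tampered or malformed token used to
    escape as an unhandled signature error; it is now answered with the same
    text as an unknown link.
    """
    # Function-scope import: SignatureExpired is already in use here, but
    # BadSignature may not be imported at file level. This assumes both come
    # from itsdangerous, as the serializer's name suggests.
    from itsdangerous import BadSignature

    # NOTE(review): the signing key is a short literal committed with the
    # code. Anyone who can read the source can produce tokens this function
    # accepts. It should be loaded from configuration and rotated, together
    # with the code that issues the tokens.
    serializer = URLSafeTimedSerializer('asdfghjkl')
    try:
        email = serializer.loads(token, max_age=86400)
    except SignatureExpired:
        return 'Token Expired'
    except BadSignature:
        return 'Password Reset Link Expired'

    user = User.query.filter_by(email=email).first()
    if not user:
        return 'Password Reset Link Expired'

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user.password_hash = user.hash_password(form.new_password.data)
        db.session.commit()
        flash('Password Changed!')
        return redirect(url_for('register'))
    return render_template('reset_password.html', form=form)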
def resetPassword(token):
    """Set a new password for the user a reset token resolves to.

    Signed-in users are redirected to ``index``. An invalid or expired token
    flashes a warning and redirects to ``forgotPassword``. A valid submission
    assigns the new password, commits and redirects to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('Invalid or expired password reset link', 'warning')
        return redirect(url_for('forgotPassword'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('resetpassword.html', form=form,
                               title="ORM - Reset Password")

    # NOTE(review): the submitted value is assigned to ``password`` directly.
    # Confirm the model hashes on assignment; none is visible here.
    account.password = form.new_password.data
    db.session.commit()
    flash('Your Password has been Updated! You can login now.', 'info')
    return redirect(url_for('login'))
def reset_token(token):
    """Set a new password for the user a reset token resolves to.

    A session that already holds an email is redirected to ``index``. An
    invalid or expired token flashes a warning and redirects to
    ``request_reset``. A valid submission stores the bcrypt hash of the
    ``confirm_password`` field and redirects to ``login``.
    """
    if session.get('email'):
        return redirect(url_for('index'))

    account = user.verify_reset_token(token)
    if account is None:
        flash('Token is invalid or expired', 'warning')
        return redirect(url_for('request_reset'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', form=form)

    # The confirmation field is the one that gets hashed.
    digest = bcrypt.generate_password_hash(form.confirm_password.data)
    account.password = digest.decode('utf-8')
    db.session.commit()
    flash('Your password has been changed', 'success')
    return redirect(url_for('login'))
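def reset_user_password(userid):
    """Set a new password for the user with id ``userid``.

    A valid submission stores the new password, flashes a confirmation that
    names the user and redirects to ``user_details``; otherwise the form is
    rendered for that user.

    Changes from the earlier version: the new password is no longer printed
    to standard output, and an unknown ``userid`` is answered with a message
    and a redirect instead of an AttributeError.

    NOTE(review): no permission check is visible in this function; confirm
    the route is restricted elsewhere (for example by a decorator).
    """
    form = ResetPasswordForm()
    user = User.query.filter_by(id=userid).first()
    if user is None:
        flash('User not found')
        return redirect(url_for('user_details'))

    if form.validate_on_submit():
        # Log the event, never the password itself.
        print("Resetting Password")
        user.set_password(form.new_password.data)
        db.session.commit()
        print("done")
        flash('Password has been reset for user {}'.format(user.username))
        return redirect(url_for('user_details'))
    return render_template('reset-password.html', title='Reset Password',
                           form=form, user=user)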
def confirm_forgot_password():
    """Finish a forgotten-password flow with username, new password and code.

    When the form's ``submit4`` button was used and the form validates, the
    three values are taken from the posted form and handed to
    ``reset_password``. Success redirects to ``home``; failure redirects back
    to this page. In both cases the message travels in the ``msg`` query
    argument.
    """
    reset_password_form = ResetPasswordForm()
    submitted = (reset_password_form.submit4.data
                 and reset_password_form.validate_on_submit())
    if not submitted:
        return render_template('confirm-forgot-password.html',
                               resetpasswordform=reset_password_form,
                               msg=request.args.get('msg'),
                               user=logged_in_user)

    posted = request.form
    event = dict(username=posted['username'],
                 password=posted['password'],
                 code=posted['ver_code'])
    outcome = reset_password(event)
    if outcome['success']:
        return redirect(url_for('home',
                                msg="Password has been changed successfully."))
    return redirect(url_for('confirm_forgot_password',
                            msg=outcome['message']))
def reset_token(token):
    """Set a new password for the user a reset token resolves to.

    Signed-in users are redirected to ``data``. An invalid or expired token
    flashes a warning and redirects to ``reset_request``. A valid submission
    stores the hex MD5 digest of the new password and redirects to ``login``.

    NOTE(review): the password is stored as a single unsalted MD5 digest,
    which is not suitable for password storage. Replacing it needs the login
    check and the existing rows to move to a salted, slow password hash at
    the same time, so it is not changed here. Also confirm that ``path`` is
    defined at module level; it is not set in this function.
    """
    if current_user.is_authenticated:
        return redirect(url_for('data', path=path))

    account = User.verify_reset_token(token)
    if account is None:
        flash('The link is invalid or expired. Please try again', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title='Reset Password',
                               form=form)

    digest = hashlib.md5(form.password.data)
    account.password = digest.hexdigest()
    db.session.commit()
    flash("Password has been changed successfully!!")
    return redirect(url_for('login'))
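def reset_password(token):
    """Set a new password for the user a reset token resolves to.

    Signed-in users are redirected to ``index``. The token is only checked
    after a valid form submission: a resolved user gets the bcrypt hash of
    the new password, and both outcomes flash a message and redirect to
    ``login``.

    Change from the earlier version: the password is read from
    ``form.password.data``. The code read ``form.password.token``, which is
    not where a form field keeps its submitted value, so the reset could not
    complete.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.check_reset_token(token)
        if user:
            user.password = bcrypt.generate_password_hash(form.password.data)
            db.session.commit()
            flash(
                'Your password reset is done,you can login now with your new passowrd',
                category='info')
            return redirect(url_for('login'))
        else:
            flash('The user is not exist.', category='info')
            return redirect(url_for('login'))
    return render_template('reset_password.html', form=form)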
def reset_password(token):
    """Reset a password from a token plus the email address typed into the form.

    Users who are not anonymous go to ``main.index``. After a valid
    submission the user is looked up by the submitted email and
    ``user.reset(token)`` must succeed before the new password is assigned
    and committed.
    """
    if not current_user.is_anonymous():
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data).first()
    if not account:
        return redirect(url_for('main.index'))

    token_accepted = account.reset(token)
    if not token_accepted:
        flash('Invalidate token')
        return redirect(url_for('main.index'))

    # NOTE(review): assigned as submitted; confirm the model hashes on
    # assignment, since no hashing is visible here.
    account.password = form.new_password.data
    db.session.add(account)
    db.session.commit()
    flash('password reset successful. You can login.')
    return redirect(url_for('auth.login'))
def reset_token(token):
    """Store a new password on every ``db1`` document whose email equals ``token``.

    A session that already holds ``name`` is redirected to ``home``. After a
    valid submission all documents in ``db1`` are scanned; the success
    message is flashed and the browser is redirected to ``login``.

    NOTE(review): the ``token`` argument is compared directly with the stored
    email address and the call to ``User.verify_reset_token`` is commented
    out, so no signed or expiring token is checked in this function. The
    password is also stored as submitted (no hashing is visible). Both need
    fixing before this route is exposed.
    """
    if 'name' in session:
        return redirect(url_for('home'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title='Reset Password',
                               form=form)

    for doc_id in db1:
        document = db1.get(doc_id)
        if document['email'] == token:
            document['password'] = form.password.data
            db1.save(document)
    flash('Your password has been updated! You are now able to log in',
          'success')
    return redirect(url_for('login'))
def reset_password():
    """Set a new password for the login the session is allowed to reset.

    The request is refused with 400 unless the session holds both a truthy
    ``can_reset_password`` flag and a ``login``. After a valid submission the
    password is stored, the flag is cleared so the same session cannot reset
    again, and the browser is redirected to the login page.
    """
    login = session.get('login')
    if not (session.get('can_reset_password') and login):
        abort(400)

    # The session is handed to the form as its CSRF context.
    form = ResetPasswordForm(meta={'csrf_context': session})
    if not form.validate_on_submit():
        return render_template('reset_password.html', form=form)

    new_password = form.password.data
    account = User.query.filter_by(login=login).first()
    account.set_password(new_password)
    db.session.commit()
    session['can_reset_password'] = False
    flash('Hasło zostało zmienione', 'alert alert-success')
    return redirect(url_for('account.login'))
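def reset_password(name, token):
    """Let the user ``name`` choose a new password after confirming ``token``.

    An unknown user or a token that ``confirm_user`` rejects flashes a
    message and redirects to ``front.index``. GET shows the form; a valid
    submission assigns the new password, commits and redirects to the user's
    index page.

    Changes from the earlier version: a POST that fails validation renders
    the form again (it used to fall off the end of the function and return
    nothing), and the user is added to the session once instead of twice.
    """
    user = User.query.filter_by(name=name).first()
    if not (user and user.confirm_user(token)):
        flash('Wait...Wrong token!', 'danger')
        return redirect(url_for('front.index'))

    form = ResetPasswordForm()
    if request.method == 'GET':
        flash('Please reset your password', 'success')
        return render_template('user/reset_password.html', form=form)

    if form.validate_on_submit():
        # NOTE(review): assigned as submitted; confirm the model hashes on
        # assignment, since no hashing is visible here.
        user.password = form.password.data
        db.session.add(user)
        db.session.commit()
        flash('Password has been reset', 'success')
        return redirect(url_for('.index', name=user.name))

    # Validation failed: show the form again.
    return render_template('user/reset_password.html', form=form)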
def reset_token(token):
    """Set a new password for the user a reset token resolves to.

    Signed-in users are redirected to ``index``. An invalid or expired token
    flashes a warning and redirects to ``reset_request``. A valid submission
    stores the new password hash, sets ``login_attempts`` back to 0 and
    redirects to ``login``.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    account = User.verify_reset_token(token)
    # Debug output of the token lookup result.
    print(account)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title='Reset Password 2',
                               form=form)

    account.password_hash = generate_password_hash(form.password.data)
    # The failed-login counter starts over with the new password.
    account.login_attempts = 0
    db.session.commit()
    return redirect(url_for('login'))
def reset(token):
    """Reset a password from a token plus the email address typed into the form.

    Signed-in users are redirected to the home page. After a valid
    submission the user is looked up by the submitted email; an unknown
    address or a token rejected by ``user.confirm`` flashes a message and
    shows the form again, while an accepted token stores the new password
    and redirects to ``auth.login``.
    """
    # A user who is already logged in is sent to the home page.
    if not current_user.is_anonymous:
        return redirect(url_for('main.index'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        if account is None:
            flash(u'邮箱地址错误')
        elif account.confirm(token):
            account.password = form.password.data
            db.session.add(account)
            db.session.commit()
            flash(u'你刚刚重置了密码')
            return redirect(url_for('auth.login'))
        else:
            flash(u'错误的验证链接或链接已失效')
    return render_template('auth/resetquest.html', form=form)
def reset_user_password(id):
    """Let an administrator set a new password for the user with this id.

    A caller who is not an admin is logged and refused with 403. An unknown
    id ends in 404. A valid submission made with the ``Cancel`` button goes
    back to the user list without changes; any other valid submission stores
    the new password, logs the change and redirects to the user list.
    """
    if not g.user.is_admin():
        logger.error("%s tried to access /reset-user-password/%d",
                     g.user.email, id)
        abort(403)

    user = User.query.get_or_404(id)
    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('admin_reset_password.html',
                               title="Modify password",
                               user=user,
                               form=form)

    # Cancel is only honoured once the form itself has validated.
    if request.form['button'] == 'Cancel':
        return form.redirect(url_for('user_list'))

    user.reset_password(form.pass2.data)
    flash("User password modified successfully")
    logger.info("Password for %s was modified", user.email)
    return redirect(url_for('user_list'))