def reset_password_wtoken(token):
try:
# the users have one hour to use previous token
email = read_timed_token(token, "reset password", 3600)
except Exception:
flash_error("The link is invalid or has expired.")
return redirect(url_for(".info"))
if not userdb.user_exists(email):
flash_error("The link is invalid or has expired.")
return redirect(url_for(".info"))
if request.method == "GET":
return render_template("reset_password_wtoken.html", title="Reset password", token=token)
elif request.method == "POST":
pw1 = request.form["password1"]
pw2 = request.form["password2"]
if pw1 != pw2:
flash_error("Oops, passwords do not match!")
return redirect(url_for(".reset_password_wtoken", token=token))
if len(pw1) < 8:
flash_error("Oops, password too short. Minimum 8 characters please!")
return redirect(url_for(".reset_password_wtoken", token=token))
userdb.change_password(email, pw1)
flask.flash(Markup("Your password has been changed. Please login with your new password."))
return redirect(url_for(".info"))
def confirm_email(token):
try:
# the users have 24h to confirm their email
email = read_timed_token(token, 'confirm email', 86400)
except Exception:
flash_error('The confirmation link is invalid or has expired.')
user = SeminarsUser(email=email)
if user.email_confirmed:
flash_error('Email already confirmed.')
else:
user.email_confirmed = True
user.save()
flask.flash('You have confirmed your email. Thanks!', 'success')
return redirect(url_for('.info'))
def endorse_wtoken(token):
try:
# tokens last forever
endorser, email = read_timed_token(token, "endorser", None)
except Exception:
return flask.abort(404, "The link is invalid or has expired.")
return redirect(url_for(".info"))
if current_user.is_creator:
flash_error("Account already has creator privileges.")
elif current_user.email.lower() != email.lower():
flash_error("The link is not valid for this account.")
else:
current_user.endorser = int(endorser) # must set endorser first
current_user.creator = True # this will update the db
return redirect(url_for(".info"))
def confirm_email(token):
try:
# the users have 24h to confirm their email
email = read_timed_token(token, "confirm email", 86400)
except Exception:
flash_error("The confirmation link is invalid or has expired.")
else:
if current_user.email.lower() != email.lower():
flash_error("The link is not valid for this account.")
elif current_user.email_confirmed:
flash_error("Email already confirmed.")
else:
current_user.email_confirmed = True
current_user.save()
flask.flash("You have confirmed your email. Thanks!", "success")
return redirect(url_for(".info"))
def endorse_wtoken(token):
try:
# tokens last forever
endorser, email = read_timed_token(token, "endorser", None)
except Exception:
return flask.abort(404, "The link is invalid or has expired.")
return redirect(url_for(".info"))
if current_user.is_creator:
flash_error("Account already has creator privileges.")
elif current_user.email.lower() != email.lower():
flash_error("The link is not valid for this account.")
else:
userdb.make_creator(current_user.email, int(endorser))
current_user.save()
flask.flash("You can now create seminars. Thanks!", "success")
return redirect(url_for(".info"))
def endorse_wtoken(token):
try:
# tokens last forever
endoser, email, phd = read_timed_token(token, 'endorser', None)
except Exception:
flash_error('The link is invalid or has expired.')
if current_user.creator:
flash_error('Account already has creator privileges.')
elif current_user.email != email:
flash_error('The link is not valid for this account.')
elif not current_user.email_confirmed:
flash_error('You must confirm your email first.')
else:
user.endorser = int(endorser)
user.creator = True
user.phd = bool(phd)
user.save()
flask.flash('You can now create seminars. Thanks!', 'success')
return redirect(url_for('.info'))