def password_reset(): """Entry point after user clicks link in E-mail""" logger.debug("in password_reset request.url is:", request.url) # We do this mainly just to assert that it's in proper form for displaying next page # Really not necessary but doesn't hurt # user_encode = DecodeUser(ForgotPasswordEmail.key_prefix).reencode_standalone() verification_code = request.args.get('code') hmac = request.args.get('hm') if verification_code: user_email = check_verification_code(verification_code) if user_email: user_details = get_user_by_unique_column('email_address', user_email) if user_details: return render_template("new_security/password_reset.html", user_encode=user_details["user_id"]) else: flash("Invalid code: User no longer exists!", "error") else: flash( "Invalid code: Password reset code does not exist or might have expired!", "error") else: return redirect(url_for("login"))
def password_reset(): """Entry point after user clicks link in E-mail""" logger.debug("in password_reset request.url is:", request.url) verification_code = request.args.get('code') hmac = request.args.get('hm') if verification_code: user_details = check_verification_code(verification_code) if user_details: return render_template("new_security/password_reset.html", user_encode=user_details["email_address"]) else: flash( "Invalid code: Password reset code does not exist or might have expired!", "error") return redirect(url_for("login")) else: return redirect(url_for("login"))
def verify_email(): if 'code' in request.args: user_details = check_verification_code(request.args['code']) if user_details: # As long as they have access to the email account # We might as well log them in session_id_signed = get_signed_session_id(user_details) flash( "Thank you for logging in {}.".format( user_details['full_name']), "alert-success") response = make_response( redirect( url_for('index_page', import_collections=import_col, anon_id=anon_id))) response.set_cookie(UserSession.user_cookie_name, session_id_signed, max_age=None) return response else: flash( "Invalid code: Password reset code does not exist or might have expired!", "error")