|
@ -4,7 +4,8 @@ from . import auth |
|
|
from .. import db |
|
|
from .. import db |
|
|
from ..models import User |
|
|
from ..models import User |
|
|
from ..email import send_email |
|
|
from ..email import send_email |
|
|
from .forms import LoginForm, RegistrationForm, ChangePasswordForm |
|
|
|
|
|
|
|
|
from .forms import LoginForm, RegistrationForm, ChangePasswordForm, \ |
|
|
|
|
|
PasswordResetRequestForm, PasswordResetForm |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@auth.before_app_request |
|
|
@auth.before_app_request |
|
@ -100,3 +101,35 @@ def change_password(): |
|
|
else: |
|
|
else: |
|
|
flash('Invalid password.') |
|
|
flash('Invalid password.') |
|
|
return render_template('auth/change_password.html', form=form) |
|
|
return render_template('auth/change_password.html', form=form) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@auth.route('/reset', methods=['GET', 'POST']) |
|
|
|
|
|
def password_reset_request(): |
|
|
|
|
|
if not current_user.is_anonymous: |
|
|
|
|
|
redirect(url_for('main.index')) |
|
|
|
|
|
form = PasswordResetRequestForm() |
|
|
|
|
|
if form.validate_on_submit(): |
|
|
|
|
|
user = User.query.filter_by(email=form.email.data).first() |
|
|
|
|
|
if user: |
|
|
|
|
|
token = user.generate_reset_token() |
|
|
|
|
|
send_email(user.email, 'Reset your password', |
|
|
|
|
|
'auth/email/reset_password', user=user, token=token) |
|
|
|
|
|
flash('An email with instructions to reset your password has been ' |
|
|
|
|
|
'sent to you') |
|
|
|
|
|
return redirect(url_for('auth.login')) |
|
|
|
|
|
return render_template('auth/reset_password.html', form=form) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@auth.route('/reset/<token>', methods=['GET', 'POST']) |
|
|
|
|
|
def password_reset(token): |
|
|
|
|
|
if not current_user.is_anonymous: |
|
|
|
|
|
redirect(url_for('main.index')) |
|
|
|
|
|
form = PasswordResetForm() |
|
|
|
|
|
if form.validate_on_submit(): |
|
|
|
|
|
if User.reset_password(token, form.password.data): |
|
|
|
|
|
db.session.commit() |
|
|
|
|
|
flash('Your password has been updated.') |
|
|
|
|
|
return redirect(url_for('auth.login')) |
|
|
|
|
|
else: |
|
|
|
|
|
return redirect(url_for('main.index')) |
|
|
|
|
|
return render_template('auth/reset_password.html', form=form) |