1
1
Fork 0

Password reset w/o email validation :D

master
Jan Kužílek 5 years ago
parent 2f8f7920f8
commit a6df156d01

@ -2,7 +2,7 @@ import flask_login as fl
from flask import Blueprint, flash, redirect, render_template, request, url_for, current_app
from yadc import db
from yadc.forms import LoginForm, RegisterForm, ResetPasswordForm
from yadc.forms import LoginForm, RegisterForm, ResetPasswordForm, ResetPasswordPassForm
from yadc.models import User
from yadc.utils import nextpage, flasherrors
@ -43,22 +43,24 @@ def reset_password():
if fl.current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ResetPasswordPassForm(request.form)
if request.method == 'POST' and form.validate():
flash('Password successfully reset.') # for real
return redirect(url_for('.login'))
form = ResetPasswordForm(request.form)
if request.method == 'POST' and form.validate():
user = User.query.filter_by(email=form.email.data).first()
if user:
user.create_password('kuxaman')
db.session.commit()
#do something to reset the password
return render_template('auth/reset_password.html', form=ResetPasswordPassForm(request.form))
flash('Password successfully reset. Check your email.')
flash('Password successfully reset.') # faked
return redirect(url_for('.login'))
flasherrors(form)
return render_template('auth/reset_password.html', form=form)
@bp.route('/register', methods=['GET', 'POST'])
def register():
if fl.current_user.is_authenticated:

@ -32,6 +32,11 @@ class ResetPasswordForm(CSRFForm):
email = StringField('Email', validators=[DataRequired(), Email()], render_kw=dict(placeholder="Your email address"))
submit = SubmitField('Reset password')
class ResetPasswordPassForm(ResetPasswordForm):
password = PasswordField('Password', validators=[DataRequired()], render_kw=dict(placeholder="Password"))
password_again = PasswordField('Repeat password', validators=[DataRequired(), EqualTo('password')], render_kw=dict(placeholder="Repeat password"))
really = BooleanField('I swear this really is my account and am not trying to steal anybody elses.', validators=[DataRequired()])
class RegisterForm(CSRFForm):
username = StringField('Username', validators=[DataRequired()], render_kw=dict(placeholder="Username"))
email = StringField('Email', validators=[DataRequired(), Email()], render_kw=dict(placeholder="Email"))

@ -4,10 +4,20 @@
<div class="pageform">
<h2>Reset password</h2>
<form action="" method="post">
<p>Please insert your email address and we will send you a request for password reset.</p>
{{ form.csrf_token }}
{% if form.__class__.__name__ != "ResetPasswordPassForm" %}
<p>Please insert your email address.</p>
{{ form.email() }}
{% else %}
{{ form.email(readonly='') }}
<p>Now please enter your new password.</p>
{{ form.password() }}
{{ form.password_again() }}
<ul>
<li>{{ form.really() }}{{ form.really.label }}</li>
</ul>
{% endif %}
{{ form.submit() }}
</form>

Loading…
Cancel
Save