add errors, email, and reset password

1 files changed, 40 insertions, 1 deletions

diff --git a/app/routes.py b/app/routes.py
index a1a4f54..ba07a02 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -9,8 +9,15 @@ from werkzeug.urls import url_parse
 
 from app import app
 from app import db
-from app.forms import LoginForm, RegistrationForm
+
+from app.forms import (
+    LoginForm,
+    RegistrationForm,
+    ResetPasswordRequestForm,
+    ResetPasswordForm,
+)
 from app.models import User
+from app.email import send_password_reset_email
 
 
 @app.route("/")
@@ -59,3 +66,35 @@ def register():
         flash("Thank you, you are now a registered user!")
         return redirect(url_for("login"))
     return render_template("register.html", title="Register", form=form)
+
+
+@app.route("/reset_password_request", methods=("GET", "POST"))
+def reset_password_request():
+    if current_user.is_authenticated:
+        return redirect(url_for("index"))
+    form = ResetPasswordRequestForm()
+    if form.validate_on_submit():
+        user = User.query.filter_by(email=form.email.data).first()
+        if user:
+            send_password_reset_email(user)
+        flash("Check your email for the instructions to reset your password.")
+        return redirect(url_for("login"))
+    return render_template(
+        "reset_password_request.html", title="Reset Password", form=form
+    )
+
+
+@app.route("/reset_password/<token>", methods=("GET", "POST"))
+def reset_password(token):
+    if current_user.is_authenticated:
+        return redirect(url_for("index"))
+    user = User.verify_reset_password_token(token)
+    if not user:
+        return redirect(url_for("index"))
+    form = ResetPasswordForm()
+    if form.validate_on_submit():
+        user.set_password(form.password.data)
+        db.session.commit()
+        flash("Your password has been reset.")
+        return redirect(url_for("login"))
+    return render_template("reset_password.html", form=form)