diff options
author | Marian Sigler <m@qjym.de> | 2012-09-29 17:55:14 +0200 |
---|---|---|
committer | Marian Sigler <m@qjym.de> | 2012-09-29 17:56:14 +0200 |
commit | 2f5998a079e2a4f882c1ea3c1a3ceebca404e3a8 (patch) | |
tree | bb9326d5404e383cb6cb6ed285966356f273912c /app.py | |
parent | 0afa6b651dfb326481d8b0d0fd5d599384889170 (diff) | |
download | web-2f5998a079e2a4f882c1ea3c1a3ceebca404e3a8.tar.gz web-2f5998a079e2a4f882c1ea3c1a3ceebca404e3a8.tar.bz2 web-2f5998a079e2a4f882c1ea3c1a3ceebca404e3a8.zip |
Make it possible to enter an email address at lost_password.
That way users who forgot their username can find it out.
Diffstat (limited to 'app.py')
-rw-r--r-- | app.py | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -142,10 +142,10 @@ def lost_password(): if request.method == 'POST' and form.validate(): #TODO: make the link only usable once (e.g include a hash of the old pw) # atm the only thing we do is make the link valid for only little time - confirm_token = make_confirmation('lost_password', (form.username.data,)) + confirm_token = make_confirmation('lost_password', (form.user.uid,)) confirm_link = url_for('lost_password_complete', token=confirm_token, _external=True) - body = render_template('mail/lost_password.txt', username=form.username.data, + body = render_template('mail/lost_password.txt', username=form.user.uid, link=confirm_link) send_mail(form.user.mail, u'Passwort vergessen', body, |