diff options
Diffstat (limited to 'accounts/views')
-rw-r--r-- | accounts/views/admin/__init__.py | 2 | ||||
-rw-r--r-- | accounts/views/default/__init__.py | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/accounts/views/admin/__init__.py b/accounts/views/admin/__init__.py index 7378e38..938033b 100644 --- a/accounts/views/admin/__init__.py +++ b/accounts/views/admin/__init__.py @@ -66,7 +66,7 @@ def disable_account(): if 'uid' in request.args: form = AdminDisableAccountForm(username=request.args['uid']) - if form.validate_on_submit(): + if form.validate_on_submit() and form.user: random_pw = str(uuid4()) form.user.change_password(random_pw) for service in accounts_app.all_services: diff --git a/accounts/views/default/__init__.py b/accounts/views/default/__init__.py index 0b7065d..bba20fd 100644 --- a/accounts/views/default/__init__.py +++ b/accounts/views/default/__init__.py @@ -84,7 +84,7 @@ def register_complete(token: str): @logout_required def lost_password(): form = LostPasswordForm() - if form.validate_on_submit(): + if form.validate_on_submit() and form.user: #TODO: make the link only usable once (e.g include a hash of the old pw) # atm the only thing we do is make the link valid for only little time accounts_app.mail_backend.send( |