重设密码
给User模型增加方法【类似于确认账户的办法】
flasky/app/models.py
from werkzeug.security import generate_password_hash, check_password_hash
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from flask import current_app
from flask_login import UserMixin
from . import db, login_manager
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(64), unique=True)
users = db.relationship('User', backref='role', lazy='dynamic')
def __repr__(self):
return '<Role %r>' % self.name
class User(UserMixin, db.Model):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(64), unique=True, index=True)
username = db.Column(db.String(64), unique=True, index=True)
role_id = db.Column(db.Integer, db.ForeignKey('roles.id'))
password_hash = db.Column(db.String(128))
confirmed = db.Column(db.Boolean, default=False)
@property
def password(self):
raise AttributeError('password is not a readable attribute')
@password.setter
def password(self, password):
self.password_hash = generate_password_hash(password)
def verify_password(self, password):
return check_password_hash(self.password_hash, password)
def generate_confirmation_token(self, expiration=3600):
s = Serializer(current_app.config['SECRET_KEY'], expiration)
return s.dumps({
'confirm': self.id})
def confirm(self, token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token)
except:
return False
if data.get('confirm') != self.id:
return False
self.confirmed = True
db.session.add(self)
return True
###########################################################
def generate_reset_token(self, expiration=3600):
#增加generate_reset_token方法,用来生成用户的id的加密签名
s = Serializer(current_app.config['SECRET_KEY'], expiration)
#先产生个Serializer类的实例,里面设置好密钥和过期时间
return s.dumps({
'reset': self.id})
#返回一个加密签名
def reset_password(self, token, new_password):
#增加更改密码的方法,接受token加密签名,新密码
s = Serializer(current_app.config['SECRET_KEY'])
#产生实例s
try:
data = s.loads(token)
except:
return False
#试着解析加密签名,得到字典data,否则返回False
if data.get('reset') != self.id:
return False
#如果data字典中的reset的值不等于用户的id,返回False
self.password = new_password
#否则,更新用户密码
db.session.add(self)
#提交到数据库
return True
#返回True
def __repr__(self):
return '<User %r>' % self.username
#########################################################
@login_manager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
表格
from flask_wtf import Form
from wtforms import StringField, PasswordField, BooleanField, SubmitField
from wtforms.validators import Required, Length, Email, Regexp, EqualTo
from wtforms import ValidationError
from ..models import User
class LoginForm(Form):
email = StringField('Email', validators=[Required(), Length(1, 64),