From a069fe7b6a4cbb616fdedc5b2d7515d4aef4cdfc Mon Sep 17 00:00:00 2001 From: Son NK <> Date: Mon, 27 Apr 2020 22:57:55 +0200 Subject: [PATCH] do not return error when user doesn't exist on forgot_password --- app/auth/templates/auth/forgot_password.html | 3 +-- app/auth/views/forgot_password.py | 15 ++++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/app/auth/templates/auth/forgot_password.html b/app/auth/templates/auth/forgot_password.html index 1955479c..db511821 100644 --- a/app/auth/templates/auth/forgot_password.html +++ b/app/auth/templates/auth/forgot_password.html @@ -16,8 +16,7 @@
- {{ form.email(class="form-control", type="email", - placeholder="The email address associated with your SimpleLogin account") }} + {{ form.email(class="form-control", type="email") }} {{ render_field_errors(form.email) }}
diff --git a/app/auth/views/forgot_password.py b/app/auth/views/forgot_password.py index 604657d5..7c7af5a8 100644 --- a/app/auth/views/forgot_password.py +++ b/app/auth/views/forgot_password.py @@ -1,4 +1,4 @@ -from flask import request, render_template, redirect, url_for +from flask import request, render_template, redirect, url_for, flash from flask_wtf import FlaskForm from wtforms import StringField, validators @@ -17,14 +17,15 @@ def forgot_password(): if form.validate_on_submit(): email = form.email.data.strip().lower() + flash( + "If your email is correct, you are going to receive an email to reset your password", + "success", + ) user = User.get_by(email=email) - if not user: - error = "No such user, are you sure the email is correct?" - return render_template("auth/forgot_password.html", form=form, error=error) - - send_reset_password_email(user) - return redirect(url_for("auth.forgot_password")) + if user: + send_reset_password_email(user) + return redirect(url_for("auth.forgot_password")) return render_template("auth/forgot_password.html", form=form)