diff --git a/flask_security/core.py b/flask_security/core.py index d53f9ce..79eec4e 100644 --- a/flask_security/core.py +++ b/flask_security/core.py @@ -303,13 +303,21 @@ class RegisterForm(Form): validators=[Required(message='Email not provided'), Email()]) password = PasswordField("Password", validators=[Required(message="Password not provided")]) - password_confirm = PasswordField("Password", - validators=[EqualTo('password', message="Password not provided")]) + password_confirm = PasswordField("Retype Password", + validators=[EqualTo('password', message="Passwords do not match")]) def to_dict(self): return dict(email=self.email.data, password=self.password.data) +class ResetPasswordForm(Form): + token = HiddenField() + password = PasswordField("Password", + validators=[Required(message="Password not provided")]) + password_confirm = PasswordField("Retype Password", + validators=[EqualTo('password', message="Passwords do not match")]) + + class AuthenticationProvider(object): """The default authentication provider implementation. diff --git a/flask_security/templates/reset.html b/flask_security/templates/reset.html new file mode 100644 index 0000000..744448b --- /dev/null +++ b/flask_security/templates/reset.html @@ -0,0 +1,6 @@ +
+ {{ form.hidden_tag() }} + {{ form.password.label }} {{ form.password }}
+ {{ form.password_confirm.label }} {{ form.password_confirm }}
+ {{ form.submit }} +
\ No newline at end of file diff --git a/flask_security/views.py b/flask_security/views.py index e95544f..8c9440c 100644 --- a/flask_security/views.py +++ b/flask_security/views.py @@ -116,12 +116,12 @@ def register(): if security.confirm_email: send_confirmation_instructions(user) - # Login the user if allowed - if security.login_without_confirmation: - _do_login(user) - logger.debug('User %s registered' % user) + # Login the user if allowed + if (not security.confirm_email) or security.login_without_confirmation: + _do_login(user) + return redirect(security.post_register_view or security.post_login_view) diff --git a/tests/functional_tests.py b/tests/functional_tests.py index b5e1d00..7575468 100644 --- a/tests/functional_tests.py +++ b/tests/functional_tests.py @@ -115,8 +115,7 @@ class DefaultSecurityTests(SecurityTest): def test_register_valid_user(self): data = dict(email='dude@lp.com', password='password', password_confirm='password') - r = self.client.post('/register', data=data, follow_redirects=True) - self.assertNotIn('Hello dude@lp.com', r.data) + self.client.post('/register', data=data, follow_redirects=True) r = self.authenticate('dude@lp.com', 'password') self.assertIn('Hello dude@lp.com', r.data)