Python for Entrepreneurs Transcripts
Chapter: Sending and receiving email
Lecture: Demo: Creating resets

Login or purchase this course to watch this video and the rest of the course contents.
0:01 Now that we have our password reset table all set up,
0:03 let's go and actually create some.
0:06 So I'll run the web app here, and let's go to sign in, we'll see sign in now,
0:13 this is the standard sign in we had before,
0:15 we'll have forgot your log in info, just reset it,
0:18 we can click that goes to account/forgot_password.
0:20 While I am talking about it I should also add something like
0:23 "don't have an account? Register here."
0:26 And link over to register, but, you guys can set that up, that's easy.
0:29 So now what we need to do is we need to put in your email address,
0:32 and this is going to submit this back,
0:35 so let's write the code that when we submit this form,
0:38 notice it's required through HTML 5 and our view model test to see the email is there.
0:43 When we submit this form correctly, we'll then create one of those password resets,
0:48 assuming that we can find the account.
0:51 OK, here we are in the forgotten password GET / POST / Redirect set of functions,
0:56 and this one is already done, you saw everything was working,
1:00 we can check out this view model, we have an email and an error,
1:04 that is really all there is to it, and we have validation that the email exists,
1:08 we could do better, right, we could check that it matches the right pattern and so on,
1:12 so we are going to come over here and we are going to load that up.
1:17 Now, let's do this, so we are going to validate and we'll say "if vm.error",
1:24 if there is some kind of error, we'll just reshow this to the view, OK,
1:31 so any validation will you hear should take care checking things out.
1:37 Now, we could actually add a validation to verify that the account exists,
1:43 but we are going to need the account over here anyway.
1:46 So let's just do this, we'll say "reset =" we want to use the AccountService,
1:53 and I have already written a function that is empty.
1:56 create_reset_code for an account and I had written it to take an account here
2:03 but let's give it an email address.
2:06 OK, so we'll pass in the vm.email, and then again we'll say "if not reset",
2:13 so for some reason we couldn't generate like... the account doesn't exist,
2:17 so there is nobody registered with that, or something,
2:19 we'll say vm.error, now here is what you think about do you want to tell them
2:27 "no, I can't find that account" or "hey, yes, I did find that account"
2:30 or do you want to just say something super vague regardless of the outcome
2:34 like "hey, we sent an email to that account if it was registered", something to this effect,
2:40 but I am going to assume that this is not super sensitive
2:42 so we are going to do it this way.
2:46 Alright, we couldn't find it, we couldn't generate it, otherwise,
2:49 what we want to do is we just want to do a redirect to account
2:54 and what was it called? reset_sent.
3:00 Alright, if everything is good, we are going to say
3:03 "hey, just go look in your email", and of course here we want to say to do send.
3:09 Alright, that looks like all we got to do here, let's go write this function.
3:13 So we are going to need to do a couple of things,
3:16 first, we are going to say "account = AccountService.find_account_by_email,
3:22 we already wrote that so this is cool;
3:24 let me say "if not account: return None".
3:27 So we don't need to rewrite that or reimplement it here, duplicate it here,
3:32 now if the account exists, so it will be down here,
3:37 then let's just create a PasswordReset
3:44 now let's think about what do we need to add here,
3:46 what do we need to set? So, this is going to be autogenerated, great.
3:50 this is going to be auto generated, thank you for that.
3:55 These are going to be set later, so we have created_date,
3:59 user_ip_address and user_id, we don't need created_date, sorry,
4:02 we just need user_ip_address and user_id.
4:11 You want to get that from the request and set that for real, and,
4:15 this is the most important one, user_id is going to be account.id. Now this creates it,
4:22 of course we got to add it to the session, and commit the session.
4:28 OK, so this should do it, all the default should take care of everything
4:33 but those two pieces
4:36 and of course we want to return reset so that we can actually use the id up here,
4:43 OK, so that is going to reset it and then let's just do a print
4:52 "Would email the code {} to {}".
4:57 Alright, so we would send the email with this code and we'll talk about that next,
5:02 but let's just verify that everything is working so far.
5:09 So I come over here, not signed in, so I try to sign in,
5:12 oh I forget my password, let's just prove like I had forget my password,
5:18 and just this, no, don't update it now, oh it looks like I can't log in, let's reset it,
5:24 here is my email address, this should do all that work, go to the database,
5:28 find my account with this email, verify that everything is OK,
5:32 create the password reset, use all the defaults,
5:35 store it to the database and then fake whether or not it sent the email
5:38 and redirect me to the reset_sent, go.
5:41 Boom, check your email, your reset link has been sent,
5:45 let's check down here this is my fake email,
5:47 we would have emailed this code to that person.
5:51 Alright, so next we are going to need to send the email,
5:57 and then actually process the code when they click the link in their email.