Python for Entrepreneurs Transcripts
Chapter: Sending and receiving email
Lecture: Demo: Creating resets

Login or purchase this course to watch this video and the rest of the course contents.
0:01 Now that we have our password reset table all set up, let's go and actually create some.
0:07 So I'll run the web app here, and let's go to sign in, we'll see sign in now, this is the standard sign in we had before,
0:16 we'll have forgot your log in info, just reset it, we can click that goes to account/forgot_password.
0:21 While I am talking about it I should also add something like "don't have an account? Register here."
0:27 And link over to register, but, you guys can set that up, that's easy. So now what we need to do is we need to put in your email address,
0:33 and this is going to submit this back, so let's write the code that when we submit this form,
0:39 notice it's required through HTML 5 and our view model test to see the email is there.
0:44 When we submit this form correctly, we'll then create one of those password resets, assuming that we can find the account.
0:52 OK, here we are in the forgotten password GET / POST / Redirect set of functions, and this one is already done, you saw everything was working,
1:01 we can check out this view model, we have an email and an error, that is really all there is to it, and we have validation that the email exists,
1:09 we could do better, right, we could check that it matches the right pattern and so on,
1:13 so we are going to come over here and we are going to load that up. Now, let's do this, so we are going to validate and we'll say "if vm.error",
1:25 if there is some kind of error, we'll just reshow this to the view, OK, so any validation will you hear should take care checking things out.
1:38 Now, we could actually add a validation to verify that the account exists, but we are going to need the account over here anyway.
1:47 So let's just do this, we'll say "reset =" we want to use the AccountService, and I have already written a function that is empty.
1:57 create_reset_code for an account and I had written it to take an account here but let's give it an email address.
2:07 OK, so we'll pass in the vm.email, and then again we'll say "if not reset", so for some reason we couldn't generate like... the account doesn't exist,
2:18 so there is nobody registered with that, or something, we'll say vm.error, now here is what you think about do you want to tell them
2:28 "no, I can't find that account" or "hey, yes, I did find that account" or do you want to just say something super vague regardless of the outcome
2:35 like "hey, we sent an email to that account if it was registered", something to this effect, but I am going to assume that this is not super sensitive
2:43 so we are going to do it this way. Alright, we couldn't find it, we couldn't generate it, otherwise,
2:50 what we want to do is we just want to do a redirect to account and what was it called? reset_sent. Alright, if everything is good, we are going to say
3:04 "hey, just go look in your email", and of course here we want to say to do send.
3:10 Alright, that looks like all we got to do here, let's go write this function. So we are going to need to do a couple of things,
3:17 first, we are going to say "account = AccountService.find_account_by_email, we already wrote that so this is cool;
3:25 let me say "if not account: return None". So we don't need to rewrite that or reimplement it here, duplicate it here,
3:33 now if the account exists, so it will be down here, then let's just create a PasswordReset now let's think about what do we need to add here,
3:47 what do we need to set? So, this is going to be autogenerated, great. this is going to be auto generated, thank you for that.
3:56 These are going to be set later, so we have created_date, user_ip_address and user_id, we don't need created_date, sorry,
4:03 we just need user_ip_address and user_id. You want to get that from the request and set that for real, and,
4:16 this is the most important one, user_id is going to be account.id. Now this creates it,
4:23 of course we got to add it to the session, and commit the session. OK, so this should do it, all the default should take care of everything
4:34 but those two pieces and of course we want to return reset so that we can actually use the id up here,
4:44 OK, so that is going to reset it and then let's just do a print "Would email the code {} to {}".
4:58 Alright, so we would send the email with this code and we'll talk about that next, but let's just verify that everything is working so far.
5:10 So I come over here, not signed in, so I try to sign in, oh I forget my password, let's just prove like I had forget my password,
5:19 and just this, no, don't update it now, oh it looks like I can't log in, let's reset it,
5:25 here is my email address, this should do all that work, go to the database, find my account with this email, verify that everything is OK,
5:33 create the password reset, use all the defaults, store it to the database and then fake whether or not it sent the email
5:39 and redirect me to the reset_sent, go. Boom, check your email, your reset link has been sent, let's check down here this is my fake email,
5:48 we would have emailed this code to that person. Alright, so next we are going to need to send the email,
5:58 and then actually process the code when they click the link in their email.


Talk Python's Mastodon Michael Kennedy's Mastodon