Sign in Subscribe
flask

Flask Boilerplate - Email Confirmation, Update Password

The article presents the latest authentication improvements added to the reference Flask Boilerplate: password recovery and email confirmation during the registration process.

Editor

3 min read
Flask Codebase - Authentication Improvements.
Flask Codebase - Authentication Improvements. 

Hello! This article presents the latest improvements provided to our reference Flask Codebase used by all Flask Dashboards (free & pro) provided by AppSeed. The product can be downloaded from Github and used for hobby & commercial products based on the permissive MIT license. For newcomers, Flask is a lightweight and popular web framework crafted on top of Python used for any kind of project and web apps: simple sites, APIs, microservices, or complex eCommerce solutions.    

Thanks for reading! Here is the summary of recent update
  • #1 - Confirmation email for registration (optional via config)
  • #2 - Password recovery flow

Confirmation email for registration

This feature allows validating the email used by a user during a registration process. The flow is optional and by default is disabled. Let's visualize how it works.

Feature is inactive (default configuration)
  • The user creates a new account
  • The user is able to Sign IN without email confirmation
Flask Codebase Registration - No Email Confirmation
Flask Codebase Registration - No Email Confirmation

This flow is the classic, simple Sign IN process. The problem that might occur is the pollution of the app with fake accounts.

Feature is active in configuration:
# apps/config.py - Partial Content
...
EMAIL_CONFIRMATION_REQUIRED = True # Default value: False
...
Flask Codebase - Email Confirmation

During the registration process the app checks if the feature is active and warns the user to activate his account via email:

Flask Codebase - Registration Process
Flask Codebase - Registration Process

If the registration is successful the user is informed about the result and invited to confirm the email address.

Flask Codebase - Email Confirmation 

The source code is licensed under MIT license and can be used by anyone without a source code credit to AppSeed,

Password Recovery

Registered users are able to update their passwords using a simple flow:

  • The user should have an active account
  • The user should have access to the email address
  • The user completes his email address in the forgot-password page
  • The app sends a unique link using the provided email
  • The User is able to update the password.
Flask Codebase - Reset Password
Flask Codebase - Reset Password
Reset Password - Confirm the email address
Flask Reset Password - Specify the Email
Flask Reset Password - Specify the Email
Reset Password - Confirmation Page
Flask Reset Password - Set New Password
Flask Reset Password - Set New Password

If the operation is successful, the user is redirected to the Sign IN page:

Flask Reset Password - Password Updated.
Flask Reset Password - Password Updated.
Thanks for reading! For more resources or support please access: