Flask Boilerplate - Email Confirmation, Update Password
The article presents the latest authentication improvements added to the reference Flask Boilerplate: password recovery and email confirmation during the registration process.
![Flask Codebase - Authentication Improvements.](/content/images/size/w2000/2021/09/cover-blog-flask-auth-improvements.jpg)
Hello! This article presents the latest improvements provided to our reference Flask Codebase used by all Flask Dashboards (free & pro) provided by AppSeed. The product can be downloaded from Github and used for hobby & commercial products based on the permissive MIT license. For newcomers, Flask is a lightweight and popular web framework crafted on top of Python used for any kind of project and web apps: simple sites, APIs, microservices, or complex eCommerce solutions.
Thanks for reading! Here is the summary of recent update
- #1 - Confirmation email for registration (optional via config)
- #2 - Password recovery flow
Confirmation email for registration
This feature allows validating the email used by a user during a registration process. The flow is optional and by default is disabled. Let's visualize how it works.
Feature is inactive (default configuration)
- The user creates a new account
- The user is able to Sign IN without email confirmation
![Flask Codebase Registration - No Email Confirmation](https://blog.appseed.us/content/images/2021/09/image-25.png)
This flow is the classic, simple Sign IN process. The problem that might occur is the pollution of the app with fake accounts.
Feature is active in configuration:
# apps/config.py - Partial Content
...
EMAIL_CONFIRMATION_REQUIRED = True # Default value: False
...
During the registration process the app checks if the feature is active and warns the user to activate his account via email:
![Flask Codebase - Registration Process](https://blog.appseed.us/content/images/2021/09/image-23.png)
If the registration is successful the user is informed about the result and invited to confirm the email address.
![](https://blog.appseed.us/content/images/2021/09/image-24.png)
The source code is licensed under MIT license and can be used by anyone without a source code credit to AppSeed,
Password Recovery
Registered users are able to update their passwords using a simple flow:
- The user should have an active account
- The user should have access to the email address
- The user completes his email address in the
forgot-password
page - The app sends a unique link using the provided email
- The User is able to update the password.
![Flask Codebase - Reset Password](https://blog.appseed.us/content/images/2021/09/image-26.png)
Reset Password - Confirm the email address
![Flask Reset Password - Specify the Email](https://blog.appseed.us/content/images/2021/09/image-27.png)
Reset Password - Confirmation Page
![Flask Reset Password - Set New Password](https://blog.appseed.us/content/images/2021/09/image-28.png)
If the operation is successful, the user is redirected to the Sign IN page:
![Flask Reset Password - Password Updated.](https://blog.appseed.us/content/images/2021/09/image-29.png)
Thanks for reading! For more resources or support please access:
- Flask Codebase - Source Code
- Ask for support - free for registered users
- See more Flask Dashboards and Apps provided by AppSeed