From 2e5a241777ef0bb0d76420d39bf3be41e16e042a Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Thu, 18 Feb 2016 08:59:13 +0100
Subject: New management of the token for the account confirmation.

---
 src/web/forms.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'src/web/forms.py')

diff --git a/src/web/forms.py b/src/web/forms.py
index 172f31a8..b17d2f7a 100644
--- a/src/web/forms.py
+++ b/src/web/forms.py
@@ -99,10 +99,9 @@ class SigninForm(RedirectForm):
             return False
 
         user = User.query.filter(User.email == self.email.data).first()
-        if user and user.check_password(self.password.data) \
-                and user.activation_key == "":
+        if user and user.check_password(self.password.data) and user.enabled:
             return True
-        elif user and user.activation_key != "":
+        elif user and not user.enabled:
             flash(lazy_gettext('Account not confirmed'), 'danger')
             return False
         else:
@@ -207,9 +206,9 @@ class RecoverPasswordForm(Form):
             return False
 
         user = User.query.filter(User.email == self.email.data).first()
-        if user and user.activation_key == "":
+        if user and user.enabled:
             return True
-        elif user and user.activation_key != "":
+        elif user and not user.enabled:
             flash(lazy_gettext('Account not confirmed.'), 'danger')
             return False
         else:
-- 
cgit