Unable to use forgot password in Flask-Security

0
votes

I have an app using flask security for login. My settings are:

SECURITY_PASSWORD_SALT = 'hjdsafjkhalkj'
SECURITY_PASSWORD_HASH='bcrypt'
SECURITY_RECOVERABLE=True
SECURITY_CHANGEABLE=True
SECURITY_EMAIL_SENDER = os.environ['COMPLIANCE']

Here is how the user is created:

#set generic password for User model
        password=flask_security.utils.hash_password(pw)
        admin=db1.Admin(id,name,email,phone,pw)

        # add user and role to db
        if not user_datastore.get_user(email):
            pw = ''.join(random.choices(string.ascii_letters + string.digits, k=16))
            user_datastore.create_user(email=email, password=password)

            db.session.add(admin)

            user_datastore.add_role_to_user(email, 'admin')
            db.session.commit()

Everything seems to work until I try to click the "forgot password" on login. Tis takes me to the apprpriate route, I enter the email and submit, then get an error.

Traceback (most recent call last):
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/app.py", line 2446, in
 wsgi_app
    response = self.full_dispatch_request()
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/app.py", line 1951, in
 full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/app.py", line 1820, in
 handle_user_exception

    reraise(exc_type, exc_value, tb)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/_compat.py", line 39,
in reraise
    raise value
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/app.py", line 1949, in
 full_dispatch_request
    rv = self.dispatch_request()
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask/app.py", line 1935, in
 dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask_security/decorators.py
", line 230, in wrapper
    return f(*args, **kwargs)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask_security/views.py", li
ne 260, in forgot_password
    send_reset_password_instructions(form.user)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask_security/recoverable.p
y", line 30, in send_reset_password_instructions
    token = generate_reset_password_token(user)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/flask_security/recoverable.p
y", line 62, in generate_reset_password_token
    return _security.reset_serializer.dumps(data)

  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/itsdangerous/serializer.py",
 line 167, in dumps
    rv = self.make_signer(salt).sign(payload)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/itsdangerous/timed.py", line
 42, in sign
    return value + sep + self.get_signature(value)
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/itsdangerous/signer.py", lin
e 143, in get_signature
    key = self.derive_key()
  File "/Users/user1/Downloads/CausePayments/env/lib/python3.7/site-packages/itsdangerous/signer.py", lin
e 130, in derive_key
    return self.digest_method(salt + b"signer" + self.secret_key).digest()
TypeError: can't concat NoneType to bytes
[2020-01-23 04:10:16,765] ERROR in app: Server Error: 500 Internal Server Error: The server encountered a
n internal error and was unable to complete your request. Either the server is overloaded or there is an
error in the application.

I am not sure what else to try.

1
flaskflask-security

1 Answers

0
votes

You needs to set SECRET_KEY which is a Flask variable (i.e. it's not 'SECURITY_SECRET_KEY' - just 'SECRET_KEY')