prevent password reset from breaking if you have no password

If you've just been invited, or are using social auth, you have no password set, so the reset password feature causes a crash. This doesn't need to happen.
lkarthee · May 12, 2015 · 7884d63 · 7884d63
1 parent 8a14aba
commit 7884d63
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/flask_security/recoverable.py b/flask_security/recoverable.py
@@ -53,7 +53,8 @@ def generate_reset_password_token(user):
 
     :param user: The user to work with
     """
-    data = [str(user.id), md5(user.password)]
+    password_hash = md5(user.password) if user.password else None
+    data = [str(user.id), password_hash]
     return _security.reset_serializer.dumps(data)