def update_user_password(self, user_id, password):
"""
Updates user's password.
There is no need to hash/encrypt the password - function does it automatically.
arguments:
user_id -- a database ID of a user
password -- new password
"""
user_key = mk_user_key(user_id)
user_data = self.db.get(user_key)
if user_data:
user_data['pwd_hash'] = mk_pwd_hash_default(password)
self.db.set(user_key, user_data)
else:
raise AuthException(_('User %s not found.') % user_id)
def update_user_password(self, user_id, password):
"""
Updates user's password.
There is no need to hash/encrypt the password - function does it automatically.
Security note: the calling function must make sure user_id matches the actual user logged in
arguments:
user_id -- a database ID of a user
password -- new password
"""
cursor = self.db.cursor()
cursor.execute('SELECT username FROM kontext_user WHERE id = %s', (user_id,))
row = cursor.fetchone()
if row is not None:
cursor.execute('UPDATE kontext_user SET pwd_hash = %s WHERE id = %s',
(mk_pwd_hash_default(password), user_id))
self.db.commit()
else:
raise AuthException(_('User %s not found.') % user_id)