def password():
    """Re-check the current user's password.

    Reads the candidate password from the ``password`` query parameter and
    verifies it against the account behind ``current_user``.

    Returns:
        ``('', 201)`` when the session is authenticated and the password
        verifies; ``('Invalid password', 403)`` when the parameter is
        missing or empty, the session is not authenticated, or
        verification fails. All three failures share one response.
    """
    # NOTE(review): the secret arrives via request.args, i.e. in the URL.
    # URLs are commonly recorded in access logs, proxies and browser
    # history; consider accepting it in the request body instead. Left as
    # is because moving it would change the endpoint's interface.
    # NOTE(review): no attempt throttling is visible in this function;
    # confirm it is enforced elsewhere.
    candidate = request.args.get('password')
    if candidate:
        account = current_user._get_current_object()
        # Short-circuit keeps the original order: the authentication
        # check runs before the password is verified.
        if account.is_authenticated() and user.verify_password(account, candidate):
            return '', 201
    return 'Invalid password', 403
def login(data):
    """Authenticate a user from submitted credentials and start a session.

    Args:
        data: Mapping with ``login`` (tried as a username first, then as
            an e-mail address), ``password`` and an optional ``remember``
            flag. A falsy value is treated as an empty mapping.

    Returns:
        The matched user object, after ``login_user`` and
        ``confirm_login`` have been called.

    Raises:
        ValidationError: With the message ``'Invalid login or password'``
            when no account matches or the password does not verify. The
            message is the same in both cases, so the response text does
            not reveal which one failed.
    """
    # NOTE(review): verify_password is skipped entirely when no account
    # matches, so the unknown-login path may respond faster than the
    # wrong-password path. Whether that difference is observable depends
    # on verify_password's cost; confirm, and confirm that attempt
    # throttling exists outside this function.
    fields = data if data else {}
    identifier = fields.get('login')

    # Username lookup takes precedence; e-mail is only the fallback.
    account = user.get_by_username(identifier) or user.get_by_email(identifier)
    if not account or not user.verify_password(account, fields.get('password')):
        raise ValidationError('Invalid login or password')

    login_user(account, remember=parse_boolean(fields.get('remember')))
    confirm_login()
    return account
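def password_change():
    """Change the current user's password after re-verifying the old one.

    Reads ``old``, ``new`` and ``confirm`` from the JSON request body.

    Returns:
        ``('', 201)`` once ``user.set_password`` has accepted the new
        password. Otherwise a ``(message, 403)`` tuple:
        ``'Invalid old password'`` when the session is not authenticated
        or the old password is missing or does not verify,
        ``'New password not confirmed'`` when ``new`` and ``confirm``
        differ, and ``'Invalid new password'`` when ``new`` is absent or
        ``set_password`` raises ``InvalidPasswordError``.
    """
    # request.json may be None or a non-object JSON value depending on
    # the request; calling .get() on that would surface as an unhandled
    # error rather than a 403. Treat anything that is not a mapping as
    # an empty body.
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}
    old = payload.get('old')
    new = payload.get('new')
    confirm = payload.get('confirm')

    usr = current_user._get_current_object()
    # Same guard as password(): never hand an unauthenticated session's
    # user object to verify_password / set_password. Redundant but
    # harmless if a login-required wrapper already protects this view.
    if not usr.is_authenticated():
        return 'Invalid old password', 403

    # A missing or empty old password is rejected up front, mirroring
    # the empty check in password(), instead of relying on how
    # verify_password treats None.
    if not old or not user.verify_password(usr, old):
        return 'Invalid old password', 403

    if new != confirm:
        return 'New password not confirmed', 403
    # With both fields absent, None == None passes the comparison above;
    # do not forward a missing value to set_password.
    if new is None:
        return 'Invalid new password', 403

    try:
        user.set_password(usr, new)
    except InvalidPasswordError:
        return 'Invalid new password', 403
    return '', 201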