def user_password_modify(id):
current_password = request.json.get("currentPassword", None)
new_password = request.json.get("newPassword", None)
id_type = request.args.get("id_type", "url_slug") # url_slug is default
try:
if id_type == "reset_token":
user = reset_password_from_token(id, request.json["newPassword"])
else:
user = reset_password(id, id_type, current_password, new_password)
except PasswordResetError as e:
abort_json(403, e.message)
db.session.commit()
return json_resp_from_thing({"about": user.dict_about()})
