def update_password(user_id): user = get_user_by_id(user_id=user_id) req_json = request.get_json() pwd = req_json.get('_password') update_dct, errors = user_update_password_schema_load_json.load(req_json) if errors: raise InvalidRequest(errors, status_code=400) update_user_password(user, pwd) return jsonify(data=user.serialize()), 200
def update_password(user_id): user = get_user_by_id(user_id=user_id) req_json = request.get_json() password = req_json.get('_password') validated_email_access = req_json.pop('validated_email_access', False) update_dct, errors = user_update_password_schema_load_json.load(req_json) if errors: raise InvalidRequest(errors, status_code=400) update_user_password(user, password, validated_email_access=validated_email_access) return jsonify(data=user.serialize()), 200
def update_password(user_id): user = get_user_by_id(user_id=user_id) req_json = request.get_json() pwd = req_json.get('_password') update_dct, errors = user_update_password_schema_load_json.load(req_json) if errors: raise InvalidRequest(errors, status_code=400) response = pwnedpasswords.check(pwd) if response > 0: errors.update({'password': ['Password is not allowed.']}) raise InvalidRequest(errors, status_code=400) update_user_password(user, pwd) changes = {'password': "******"} try: _update_alert(user, changes) except Exception as e: current_app.logger.error(e) return jsonify(data=user.serialize()), 200