def change_password(): f = forms.ChangePassword(request.form) if request.method == 'POST' and f.validate(): u = model.User.query.get(session['user_id']) if u.check_pw(f.old_password.data.strip()): u.password = f.new_password.data.strip() model.db.session.commit() flash('Password Changed') return redirect(url_for('index')) else: model.db.session.rollback() f.old_password.errors.append('Wrong current password!') return render_template('change_password.html', form=f, page_title='Change Password')
def POST(self): f = forms.ChangePassword() i = web.input() if not f.validates(i): return render['account/password'](f) user = accounts.get_current_user() username = user.key.split("/")[-1] if self.try_login(username, i.password): accounts.update_account(username, password=i.new_password) add_flash_message('note', _('Your password has been updated successfully.')) raise web.seeother('/account') else: f.note = "Invalid password" return render['account/password'](f)
def GET(self): f = forms.ChangePassword() return render['account/password'](f)