def reset_password(request): password_a = request.POST['password'] password_b = request.POST['password_confirm'] if password_a != password_b: return HttpResponse(status=400) else: try: user = Admin.objects.get(pk=request.session['user_id']) except Admin.DoesNotExist: return HttpResponse(status=500) else: user.password = Admin.make_password(password_a) user.save() return HttpResponse(status=200)