def set_password_reset_token( self, user: User, new_password: str, new_password2: str, reset_token: str, do_save: bool = False, ): self._check_user_auth_validity(user) self._check_password_modification_allowed(user) self.validate_reset_password_token(user, reset_token) if new_password != new_password2: raise PasswordDoNotMatch("Passwords given are different") self.update(user=user, password=new_password, do_save=do_save) user.reset_tokens() if do_save: self.save(user) return user
def set_password(self, user: User, loggedin_user_password: str, new_password: str, new_password2: str, do_save: bool = True): """ Set User password if logged-in user password is correct and both new_password are the same. :param user: User who need password changed :param loggedin_user_password: cleartext password of logged user (not same as user) :param new_password: new password for user :param new_password2: should be same as new_password :param do_save: should we save new user password ? :return: """ if not self._user: raise NoUserSetted( 'Current User should be set in UserApi to use this method' ) # nopep8 self._check_password_modification_allowed(self._user) if not self._user.validate_password(loggedin_user_password): # nopep8 raise WrongUserPassword( 'Wrong password for authenticated user {}'.format( self._user.user_id) # nopep8 ) if new_password != new_password2: raise PasswordDoNotMatch('Passwords given are different') self.update( user=user, password=new_password, do_save=do_save, ) if do_save: # TODO - G.M - 2018-07-24 - Check why commit is needed here self.save(user) return user
def set_password_reset_token( self, user: User, new_password: str, new_password2: str, reset_token: str, do_save: bool = False, ): self.validate_reset_password_token(user, reset_token) if new_password != new_password2: raise PasswordDoNotMatch('Passwords given are different') self.update( user=user, password=new_password, do_save=do_save, ) user.reset_tokens() if do_save: self.save(user) return user