def change_password(): """Change the password of an existing user""" oldPassword = request.form['oldPassword'] newPassword = request.form['newPassword'] if bcrypt.check_password_hash(current_user.passw, oldPassword): hashed = bcrypt.generate_password_hash(newPassword) current_user.passw = hashed current_user.commit_to_session() return serve_response({}) return serve_error('old password does not match', 401)
def change_password(): oldPassword = request.form['oldPassword'] newPassword = request.form['newPassword'] if bcrypt.check_password_hash(current_user.passw, oldPassword): hashed = bcrypt.generate_password_hash(newPassword) current_user.passw = hashed session.add(current_user) session.flush() session.commit() return serve_response({}) return serve_error('old password does not match', 401)
def create_user(): """Create a new user""" # Get form contents username = request.form['username'] password = request.form['password'] display = request.form['display'] # Create the user if doesn't already exist user = load_user(username) if user is None: hashed = bcrypt.generate_password_hash(password) user = User(username=username, passw=hashed, display=display, admin=0) user.commit_to_session() return serve_response({}) return serve_error('username already exists', 401)
def create_user(): # Verify that the poster is an admin if current_user.admin == 0: return server_error('Must be admin to create users', 401) # Get form contents username = request.form['username'] password = request.form['password'] display = request.form['display'] # Create the user if doesn't already exist user = load_user(username) if user is None: hashed = bcrypt.generate_password_hash(password) user = User(username=username, passw=hashed, display=display, admin=0) session.add(user) session.flush() session.commit() return serve_response({}) return serve_error('username already exists', 401)