def update_user_password(self, user_id, password): """ Updates user's password. There is no need to hash/encrypt the password - function does it automatically. arguments: user_id -- a database ID of a user password -- new password """ user_key = mk_user_key(user_id) user_data = self.db.get(user_key) if user_data: user_data['pwd_hash'] = mk_pwd_hash_default(password) self.db.set(user_key, user_data) else: raise AuthException(_('User %s not found.') % user_id)
def update_user_password(self, user_id, password): """ Updates user's password. There is no need to hash/encrypt the password - function does it automatically. Security note: the calling function must make sure user_id matches the actual user logged in arguments: user_id -- a database ID of a user password -- new password """ cursor = self.db.cursor() cursor.execute('SELECT username FROM kontext_user WHERE id = %s', (user_id,)) row = cursor.fetchone() if row is not None: cursor.execute('UPDATE kontext_user SET pwd_hash = %s WHERE id = %s', (mk_pwd_hash_default(password), user_id)) self.db.commit() else: raise AuthException(_('User %s not found.') % user_id)