def set_new_password(): form = ChangePasswordForm(request.form) user = app.security.datastore.get_user(session["_user_id"]) old_password = user.password _status = "empty" if form.validate_on_submit(): if form.old_password.data: app.artemis_logger.debug( "verify: {}".format( verify_password(form.old_password.data, old_password) ) ) if verify_password(form.old_password.data, old_password): app.artemis_logger.debug("password_match") user = User.query.filter_by(username=user.username).first() user.password = hash_password(form.password.data) db.session.commit() _status = "success" else: _status = "wrong_old_password" return render_template( "security/new_password.htm", password_change=form, status=_status )
def password_change(): _password_change = ChangePasswordForm() _password_change.validate_on_submit() return render_template("security/new_password.htm", password_change=_password_change, status=None)