Esempio n. 1
def changePassword(token):
    """Change the password of the user that a session token resolves to.

    Steps, in order: validate the submitted form, resolve ``token`` to an
    e-mail address, check the supplied current password, then store a bcrypt
    hash of the new password.

    Args:
        token: Session token passed to ``database_helper.getUserEmailByToken``.

    Returns:
        A ``(json_body, http_status)`` tuple. ``success`` in the body is True
        only when the stored password was updated.
    """
    def reply(ok, message, status):
        # Every response shares one JSON envelope: {'success', 'message'}.
        return json.dumps({'success': ok, 'message': message}), status

    if not ChangePasswordForm(request.form).validate():
        return reply(False, 'Form data missing or incorrect type.', 400)

    email = database_helper.getUserEmailByToken(token)
    if email is None:
        # NOTE(review): 405 is kept because clients may depend on it; 401 is
        # the conventional status for an unauthenticated request.
        return reply(False, 'You are not signed in.', 405)

    submitted = request.form
    # The current password is required in addition to the token; validLogin
    # presumably verifies it against the stored hash -- confirm.
    if not validLogin(email, submitted['oldPassword']):
        return reply(False, 'Wrong password.', 400)

    passwordHash = bcrypt.generate_password_hash(submitted['newPassword'])
    updated = database_helper.updateUserPassword(email, passwordHash)
    # NOTE(review): nothing in this function revokes tokens that were issued
    # before the change; confirm whether that is handled elsewhere.
    # Equality with True (not plain truthiness) is kept from the original.
    if updated == True:
        return reply(True, 'Password changed.', 200)
    return reply(False, 'Could not update password.', 503)
Esempio n. 2
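def changePassword(email):
    """Change a user's password after checking the request's HMAC signature.

    The client sends an HMAC in the ``Hash-Hmac`` header and a timestamp in
    ``Hash-Timestamp``. The signed data is the e-mail address plus both
    password fields. Once the signature is accepted, the form is validated,
    the current password is checked, and a bcrypt hash of the new password is
    stored.

    Args:
        email: Address of the account whose password is being changed.

    Returns:
        A ``(json_body, http_status)`` tuple. ``success`` in the body is True
        only when the stored password was updated.
    """
    def reply(ok, message, status):
        # Every response shares one JSON envelope: {'success', 'message'}.
        return json.dumps({'success': ok, 'message': message}), status

    clientHash = request.headers.get('Hash-Hmac')
    utcTimestamp = request.headers.get('Hash-Timestamp')

    # The listing shows this line mangled by a redaction filter
    # ('='******'...'), which is not valid Python. It is rebuilt here from
    # the request.form lookups used further down -- confirm the field order
    # matches what the client signs.
    # NOTE(review): the fields are read before form.validate() runs, so a
    # request missing either field fails here rather than in the form check.
    data = [
        'email=' + email,
        '&oldPassword=' + request.form['oldPassword'],
        '&newPassword=' + request.form['newPassword'],
    ]

    # NOTE(review): validHMACHash is not visible here. Confirm it compares
    # digests in constant time (e.g. hmac.compare_digest), rejects a missing
    # header, and bounds the age of utcTimestamp to limit replay.
    if not validHMACHash(clientHash, data, email, utcTimestamp):
        return reply(False, 'Invalid hash.', 405)

    if not ChangePasswordForm(request.form).validate():
        return reply(False, 'Form data missing or incorrect type.', 405)

    # The current password is required in addition to the signature;
    # validLogin presumably verifies it against the stored hash -- confirm.
    if not validLogin(email, request.form['oldPassword']):
        return reply(False, 'Wrong password.', 400)

    passwordHash = bcrypt.generate_password_hash(request.form['newPassword'])
    updated = database_helper.updateUserPassword(email, passwordHash)
    # Equality with True (not plain truthiness) is kept from the original.
    if updated == True:
        return reply(True, 'Password changed.', 200)
    return reply(False, 'Could not update password.', 503)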