def test_change_password(self):
with mock_user() as user:
new_password = random_string(20)
db.change_user_password(
user_id=user['id'],
password=new_password)
full_user = db.get_user_by_id(user['id'])
self.assertTrue(db.check_password(new_password,
full_user['password_hash']))
def post(self):
user_email = self.get_argument('email')
key = self.get_argument('key', None)
if key:
if self.get_secure_cookie('email', key) != user_email:
self.send_error(400)
return
password = self.get_argument('password')
db.change_user_password(user_email, password)
self.write({'status':'success'})
return
user = db.get_user_by_email(user_email)
if not user:
self.render('templates/password_reset_sent.html',
{'error':'Are you sure this is the right email address?'})
return
reset_email_sender(
{'user':user,
'callback_url':'http://www.tymdrop.com/password_reset?email=%s&key=%s' % (user_email, key)},
dict(
recipients=[user_email],
subject='The tymdrop password reset email you requested'))