def POST(self):
info = web.input()
message = None
uid = web.config._session.userid
pword = str(info.old)
upass = str(db.select('Users', vars=locals(),where='id=$uid', what='password')[0].password)
if (info.new != info.repeated):
message = "Passwords do not match"
elif (upass == bcrypt.hashpw(pword, upass)):
change_pass(uid, info.new)
message = "Password updated successfully"
else:
message = "Invalid Password"
form = render.pwdchange('/user/info', message=message)
return render_page(form)
def GET(self):
form = render.pwdchange('/user/info')
return render_page(form)