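def change_password():
    """Change the password of the user identified by ``current_user``.

    Expects a JSON body shaped like
    ``{"data": {"old-password": "...", "new-password": "..."}}``.

    The new password is stored only when all of the following hold:
    the supplied old password is correct, the new password differs from
    the current one, and the new password has at least 8 characters.
    After saving, an e-mail and a notification are sent to the user.

    Returns:
        A ``NotFoundError`` response when no row matches ``current_user.id``,
        a ``BadRequestError`` response when the body is malformed or one of
        the checks above fails, otherwise a JSON summary with
        ``"password-changed": True``.
    """
    # The body is client-controlled. Check its shape and types up front so a
    # missing key or a non-string value yields a 4xx response instead of an
    # unhandled KeyError/TypeError further down.
    payload = request.json
    data = payload.get('data') if isinstance(payload, dict) else None
    if not isinstance(data, dict):
        return BadRequestError({'source': ''}, 'Request body must contain a data object').respond()

    old_password = data.get('old-password')
    new_password = data.get('new-password')
    if not isinstance(old_password, str) or not isinstance(new_password, str):
        return BadRequestError({'source': ''}, 'old-password and new-password must be strings').respond()

    try:
        user = User.query.filter_by(id=current_user.id).one()
    except NoResultFound:
        return NotFoundError({'source': ''}, 'User Not Found').respond()

    # Knowledge of the current password is required before anything changes.
    if not user.is_correct_password(old_password):
        return BadRequestError({'source': ''}, 'Wrong Password. Please enter correct current password.').respond()

    # Re-using the current password would make the change a no-op.
    if user.is_correct_password(new_password):
        return BadRequestError({'source': ''}, 'Old and New passwords must be different').respond()

    if len(new_password) < 8:
        return BadRequestError({'source': ''}, 'Password should have minimum 8 characters').respond()

    # NOTE(review): assumes the User.password setter hashes the value before
    # it is stored — confirm against the model.
    user.password = new_password
    save_to_db(user)

    # NOTE(review): nothing in this function revokes existing sessions or
    # tokens after the change; confirm that is handled elsewhere if required.
    app_name = get_settings()['app_name']
    send_email_with_action(user, PASSWORD_CHANGE, app_name=app_name)
    send_notification_with_action(user, PASSWORD_CHANGE_NOTIF, app_name=app_name)

    return jsonify({
        "id": user.id,
        "email": user.email,
        "name": user.fullname if user.fullname else None,
        "password-changed": True
    })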
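def change_password():
    """Change the password of the user identified by ``current_user``.

    Expects a JSON body shaped like
    ``{"data": {"old-password": "...", "new-password": "..."}}``.

    The new password is stored only when the supplied old password is
    correct, the new password differs from the current one, and the new
    password has at least 8 characters. Without the last two checks any
    value, including an empty string, would be accepted as the new password.

    Failures abort the request with a JSON ``error`` body: 404 when no row
    matches ``current_user.id``, 400 for a malformed body, a wrong old
    password, or a rejected new password. On success a JSON summary with
    ``"password-changed": True`` is returned.
    """
    # The body is client-controlled. Check its shape and types up front so a
    # missing key or a non-string value yields a 400 instead of an unhandled
    # KeyError/TypeError.
    payload = request.json
    data = payload.get('data') if isinstance(payload, dict) else None
    if not isinstance(data, dict):
        return abort(
            make_response(jsonify(error="Request body must contain a data object"), 400)
        )

    old_password = data.get('old-password')
    new_password = data.get('new-password')
    if not isinstance(old_password, str) or not isinstance(new_password, str):
        return abort(
            make_response(jsonify(error="old-password and new-password must be strings"), 400)
        )

    try:
        user = User.query.filter_by(id=current_user.id).one()
    except NoResultFound:
        return abort(
            make_response(jsonify(error="User not found"), 404)
        )

    # Knowledge of the current password is required before anything changes.
    if not user.is_correct_password(old_password):
        return abort(
            make_response(jsonify(error="Wrong Password"), 400)
        )

    # Re-using the current password would make the change a no-op.
    if user.is_correct_password(new_password):
        return abort(
            make_response(jsonify(error="Old and New passwords must be different"), 400)
        )

    # Minimum-length policy, enforced server-side before the value is stored.
    if len(new_password) < 8:
        return abort(
            make_response(jsonify(error="Password should have minimum 8 characters"), 400)
        )

    # NOTE(review): assumes the User.password setter hashes the value before
    # it is stored — confirm against the model.
    user.password = new_password
    save_to_db(user)

    app_name = get_settings()['app_name']
    send_email_with_action(user, PASSWORD_CHANGE, app_name=app_name)
    send_notification_with_action(user, PASSWORD_CHANGE_NOTIF, app_name=app_name)

    return jsonify({
        "id": user.id,
        "email": user.email,
        "name": user.fullname if user.fullname else None,
        "password-changed": True
    })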
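def change_password():
    """Replace the password of the user identified by ``current_user``.

    Reads ``old-password`` and ``new-password`` from the ``data`` object of
    the JSON request body. The stored password is changed only after the
    old password has been verified and the new one has passed two policy
    checks: it must differ from the current password and be at least
    8 characters long.

    Every rejection aborts the request with a JSON ``error`` message
    (404 when the user row is missing, 400 otherwise). A successful change
    sends an e-mail and a notification, then returns a JSON summary with
    ``"password-changed": True``.
    """

    def _reject(message, status=400):
        # Single place that builds the error response used by every check.
        return abort(make_response(jsonify(error=message), status))

    # Untrusted input: tolerate a missing or non-object body rather than
    # letting a KeyError/TypeError escape as a server error.
    body = request.json
    fields = body.get('data') if isinstance(body, dict) else None
    if not isinstance(fields, dict):
        return _reject("Request body must contain a data object")

    old_password = fields.get('old-password')
    new_password = fields.get('new-password')
    if not (isinstance(old_password, str) and isinstance(new_password, str)):
        return _reject("old-password and new-password must be strings")

    try:
        user = User.query.filter_by(id=current_user.id).one()
    except NoResultFound:
        return _reject("User not found", 404)

    # The caller must prove knowledge of the current password first.
    if not user.is_correct_password(old_password):
        return _reject("Wrong Password")

    # Policy checks that the unpatched handler skipped: it stored whatever
    # value was sent, including the current password or a very short one.
    if user.is_correct_password(new_password):
        return _reject("Old and New passwords must be different")
    if len(new_password) < 8:
        return _reject("Password should have minimum 8 characters")

    # NOTE(review): assumes the User.password setter hashes the value before
    # it is stored — confirm against the model.
    user.password = new_password
    save_to_db(user)

    # NOTE(review): nothing in this function revokes existing sessions or
    # tokens after the change; confirm that is handled elsewhere if required.
    app_name = get_settings()['app_name']
    send_email_with_action(user, PASSWORD_CHANGE, app_name=app_name)
    send_notification_with_action(user, PASSWORD_CHANGE_NOTIF, app_name=app_name)

    return jsonify({
        "id": user.id,
        "email": user.email,
        "name": user.fullname if user.fullname else None,
        "password-changed": True
    })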