def change_password(): if current_user.is_anonymous(): return redirect(url_for('auth.login')) form = PasswordChangeForm() if request.method == "POST": User.change_password(current_user, request.form['old_password'], request.form['new_password']) flash("Password changed") return render_template("auth/change_password.html", form=form)