def update_password():
if request.method == "POST":
if "logged_in" in session.keys() and session["logged_in"]:
email = session["email"]
old_pw = request.form["old_password"]
new_a = request.form["new_password_a"]
new_b = request.form["new_password_b"]
if new_a == new_b:
if users.valid_password(email, old_pw):
users.update_password(email, new_a)
else:
flash("The old password did not match")
return redirect(
url_for("user")), status.HTTP_401_UNAUTHORIZED
else:
flash("The new passwords did not match")
return redirect(url_for("user")), status.HTTP_400_BAD_REQUEST
return redirect(url_for("user")), status.HTTP_200_OK
else:
return redirect(url_for("home")), status.HTTP_401_UNAUTHORIZED
else:
return redirect(url_for("user")), status.HTTP_405_METHOD_NOT_ALLOWED
def test_validate_user_two_bad_password(self):
self.assertFalse(
user.valid_password("*****@*****.**",
"wrong_user_two_password"))
def test_validate_admin_one_bad_password(self):
self.assertFalse(
user.valid_password("*****@*****.**", "wrong_admin_password"))
def test_validate_user_two_good_password(self):
self.assertTrue(
user.valid_password("*****@*****.**",
"user_two_test_password"))
def test_validate_admin_one_good_password(self):
self.assertTrue(
user.valid_password("*****@*****.**", "admin_test_password"))