def update_password(): if request.method == "POST": if "logged_in" in session.keys() and session["logged_in"]: email = session["email"] old_pw = request.form["old_password"] new_a = request.form["new_password_a"] new_b = request.form["new_password_b"] if new_a == new_b: if users.valid_password(email, old_pw): users.update_password(email, new_a) else: flash("The old password did not match") return redirect( url_for("user")), status.HTTP_401_UNAUTHORIZED else: flash("The new passwords did not match") return redirect(url_for("user")), status.HTTP_400_BAD_REQUEST return redirect(url_for("user")), status.HTTP_200_OK else: return redirect(url_for("home")), status.HTTP_401_UNAUTHORIZED else: return redirect(url_for("user")), status.HTTP_405_METHOD_NOT_ALLOWED
def test_validate_user_two_bad_password(self): self.assertFalse( user.valid_password("*****@*****.**", "wrong_user_two_password"))
def test_validate_admin_one_bad_password(self): self.assertFalse( user.valid_password("*****@*****.**", "wrong_admin_password"))
def test_validate_user_two_good_password(self): self.assertTrue( user.valid_password("*****@*****.**", "user_two_test_password"))
def test_validate_admin_one_good_password(self): self.assertTrue( user.valid_password("*****@*****.**", "admin_test_password"))