def new_password(auth_code): user = User.objects.get_or_404(pk_hash=auth_code) form = PasswordChangeForm(request.form) if request.method == 'POST' and form.validate(): user.set_password(form.password.data) user.save() flash('Password changed successfully', 'success') return redirect(url_for('auth.login')) context = { 'title': 'Choose New Password', 'description': 'Choose new BreezeMinder.com password', 'form': form } return render_template('user/password.html', **context)
def change_password(): form = PasswordChangeForm(request.form) if request.method == 'POST' and form.validate(): # Check current pasword if current_user.hash_password(form.current_password.data) != current_user.password: flash('Your current password is incorrect', 'error') else: current_user.set_password(form.password.data) current_user.save() flash('Password changed successfully', 'success') return redirect(url_for('user.password')) context = { 'title': 'Change Password', 'description': 'Change your BreezeMinder.com account password', 'form': form } return render_template('user/password.html', **context)