def changePassword(): token = request.form['token'] oldPassword = hashlib.sha224(request.form['oldPassword']).hexdigest() newPassword = hashlib.sha224(request.form['newPassword']).hexdigest() if (token in loggedInUsers.keys()): dbRet = database_helper.getUser(loggedInUsers[token]) if (dbRet == []): return jsonify(success = False, message = "User does not exist") else: email = loggedInUsers[token] dbRet = database_helper.changePassword(email, oldPassword, newPassword) if (dbRet): return jsonify(success = True, message = "Password changed") else: return jsonify(success = False, message = "Incorrect password") else: return jsonify(success = False, message = "Not logged in")
def changePassword(): if request.method == 'POST': token = request.form['token'] oldPassword = request.form['oldPassword'] newPassword = request.form['newPassword'] if not validPassword(newPassword): return json.dumps({ "success": False, "message": "Password must be 4 characters or more." }) if database_helper.changePassword(token, oldPassword, newPassword): return json.dumps({ "success": True, "message": "Successfully changed password." }) else: return json.dumps({ "success": False, "message": "Could not change password." })
@app.route('/changepassword', methods=["POST"]) def changePassword(): #Changes a users password token = request.form['token'] oldPass = request.form['oldpassword'] newPass = request.form['newpassword'] try: email = loggedInUsers[token] except Exception, e: return json.dumps({'success' : False, 'message' : 'you are not signed in'}) info = database_helper.getUser(email) if verifyPass(oldPass, info[1]): hashPass = hashPassword(newPass) database_helper.changePassword(email, hashPass) return json.dumps({'success' : True, 'message' : 'password changed'}) else: return json.dumps({'success' : False, 'message' : 'wrong password'}) @app.route('/getuserdata') def getUserDataByToken(): #Retrieves userdata from token token = request.args.get('token') try: email = loggedInUsers[token] except Exception, e: return json.dumps({'success' : False, 'message' : 'you are not signed in'}) info = database_helper.getUser(email) return json.dumps({'success' : True, 'user' : info})