def change_user_password(self, request, **kwargs):
     if request.method != 'POST':
         return HttpResponse(json.dumps({"message":"method not allowed"}), content_type="application/json",status=401)
     try:
         load = json.loads(request.body)
     except:
         return HttpResponse(content_type="application/json", status=404)
     type = kwargs['type']
     otp_token = load.get('otp_token')
     password = load.get('password1')
     repassword = load.get('password2')
     invalid_password = check_password(repassword)
     if (invalid_password):
         return HttpBadRequest("password is not meant according to the rules")
     auth_key = load.get('auth_key')
     user_details = {}
     if not type:
         return HttpBadRequest("type not defined use email/phone")
     if password != repassword:
         return HttpBadRequest("password1 and password2 not matched")
     try:
         if type=='phone':
             try:
                 if not (settings.ENV in settings.IGNORE_ENV and otp_token in settings.HARCODED_OTPS):
                     consumer = afterbuy_model.OTPToken.objects.get(token=otp_token).user
                     otp_handler.validate_otp(otp_token, user=consumer)
             except Exception:
                 raise ImmediateHttpResponse(
                     response=http.HttpBadRequest('Wrong OTP!'))
             user_details['id'] = consumer.user.id
         elif type=='email':
             try:
                 user_obj = afterbuy_model.EmailToken.objects.get(activation_key=auth_key).user
             except Exception:
                 
                 raise ImmediateHttpResponse(
                     response=http.HttpBadRequest('invalid authentication key!'))
             user_details['email'] = user_obj.user.email
         user = User.objects.filter(**user_details)[0]
         user.set_password(password)
         user.save()
         data = {'status': 1, 'message': "password updated successfully"}
     except Exception as ex:
         logger.error('Invalid details, mobile {0} and exception {1}'.format(request.POST.get('phone_number', ''),ex))
         data = {'status': 0, 'message': "password not updated"}
     return HttpResponse(json.dumps(data), content_type="application/json")
예제 #2
0
def change_password(request):
    if request.method == 'GET':
        return render(request, 'portal/change_password.html')
    if request.method == 'POST':
        groups = utils.stringify_groups(request.user)
        if Roles.DEALERS in groups or Roles.ASCS in groups:
            user = User.objects.get(username=request.user)
            old_password = request.POST.get('oldPassword')
            new_password = request.POST.get('newPassword')
            check_pass = user.check_password(str(old_password))
            if check_pass:
                invalid_password = check_password(new_password)
                if (invalid_password):
                    data = {'message':"password does not match the rules",'status':False}
                else:    
                    user.set_password(str(new_password))
                    user.save()
                    data = {'message': 'Password Changed successfully', 'status': True}
            else:
                data = {'message': 'Old password wrong', 'status': False}
            return HttpResponse(json.dumps(data), content_type='application/json')
        else:
            return HttpResponseBadRequest('Not Allowed')