Exemplo n.º 1
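 def post(self):
     """Change the password of the user identified by the access token.

     The caller is identified by the ``id`` claim of the JWT carried in the
     ``X-Access-Token`` request header. The password is replaced only when
     the supplied old password matches the stored hash, the new password
     differs from the old one, and the new password equals its
     confirmation.

     Returns:
         The marshalled response wrapper carrying a message and a status of
         ``"success"`` or ``"failure"``.
     """
     args = self.parser.parse_args()
     status = "failure"
     # NOTE(review): no `algorithms=` allow-list is passed to jwt.decode, so
     # the accepted signing algorithms are whatever the installed PyJWT
     # permits by default. Pin it to the algorithm used where the token is
     # issued -- confirm against the code that encodes it.
     # NOTE(review): a missing header makes .get() return None and a bad
     # token makes jwt.decode raise; neither is handled in this block, so
     # presumably a handler outside it turns that into a response -- verify.
     payload = jwt.decode(
         request.headers.environ.get('HTTP_X_ACCESS_TOKEN'),
         current_app.config['SECRET_KEY'])
     user = User.query.filter_by(id=payload['id']).first()
     if user is None:
         # A validly signed token can outlive the account it names; answer
         # with a failure instead of raising AttributeError on user.password.
         message = "Unable to update the password for this account"
     elif not bcrypt.check_password_hash(user.password, args['old_password']):
         message = "Old password is not matching"
     elif bcrypt.check_password_hash(user.password, args['new_password']):
         # The new password hashes to the stored value, i.e. it is unchanged.
         message = "New password and old password should not be same"
     elif args['new_password'] != args['confirm_new_password']:
         message = "New password and confirm new password are not matching for the user"
     else:
         user.update(password=bcrypt.generate_password_hash(
             args['new_password'].encode("utf-8")).decode("utf-8"))
         # Log only after the update call returned, so the audit line never
         # reports a change that did not take place.
         current_app.logger.info("%s has changed the password",
                                 user.username)
         message = "Password is updated successfully"
         status = "success"
     return marshal(respcls(message, status),
                    parentwrapper.common_response_wrapper,
                    skip_none=True)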
Exemplo n.º 2
 def check_password(self, value):
     """Tell whether ``value`` matches this object's stored password hash.

     When no password is stored the result is falsy, but a bcrypt hash of
     ``value`` is still computed first.
     """
     if self.password:
         return bcrypt.check_password_hash(self.password, value)
     # No stored hash to compare against. The hash is computed and thrown
     # away -- presumably so this path costs about as much as a real check
     # and response time does not reveal that the account has no password.
     discarded = bcrypt.generate_password_hash(value)
     return discarded and False