def change_password():
error = ''
try:
form = ChangepwdForm()
if form.validate_on_submit():
curr_pwd = g.user.password
input_old_pwd = form.old_password.data
input_new_pwd = form.new_password.data
#flash('form error %s' % form.errors)
#check input old password
if sha256_crypt.verify(input_old_pwd, curr_pwd):
p = sha256_crypt.encrypt(input_new_pwd) #hash the New password
g.user.password = p
db.session.add(g.user)
db.session.commit()
flash("Password changed! For your account safety, please re-login!")
return redirect(url_for('change_password'))
flash("Old password incorrect, try again!")
return render_template('change_password.html', title='Change Password',form=form,error=error)
except Exception as e:
#return(str(e))
#flash("Old password incorrect, try again!")
return render_template('change_password.html', title='Change Password',form=form,error=error)
def changepwd():
form = ChangepwdForm()
if request.method == "POST":
if form.validate_on_submit():
user = User.query.filter(User.id == current_user.id).first()
user.password = request.form.get('password')
db.session.commit()
flash('修改成功')
else:
flash('修改失败')
return redirect(url_for('profile'))
return render_template('changepwd.html', form=form)
