def change_password(): error = '' try: form = ChangepwdForm() if form.validate_on_submit(): curr_pwd = g.user.password input_old_pwd = form.old_password.data input_new_pwd = form.new_password.data #flash('form error %s' % form.errors) #check input old password if sha256_crypt.verify(input_old_pwd, curr_pwd): p = sha256_crypt.encrypt(input_new_pwd) #hash the New password g.user.password = p db.session.add(g.user) db.session.commit() flash("Password changed! For your account safety, please re-login!") return redirect(url_for('change_password')) flash("Old password incorrect, try again!") return render_template('change_password.html', title='Change Password',form=form,error=error) except Exception as e: #return(str(e)) #flash("Old password incorrect, try again!") return render_template('change_password.html', title='Change Password',form=form,error=error)
def changepwd(): form = ChangepwdForm() if request.method == "POST": if form.validate_on_submit(): user = User.query.filter(User.id == current_user.id).first() user.password = request.form.get('password') db.session.commit() flash('修改成功') else: flash('修改失败') return redirect(url_for('profile')) return render_template('changepwd.html', form=form)