def updatePassword():
data = json.loads(request.data)
currentPassword = data["currentPassword"]
newPassword = data["newPassword"]
confirmNewPassword = data["confirmNewPassword"]
if not UserModel.checkPassword(getCurrentUid(), currentPassword):
return json.dumps({
"result": "fail",
"msg": "Current password is not correct!"
})
if newPassword != confirmNewPassword:
return json.dumps({"result": "fail", "msg": "Passwords don't match!"})
if not isValidPassword(newPassword):
return json.dumps({
"result":
"fail",
"msg":
"Password is not valid! It must be at least 6 characters."
})
UserModel.updatePassword(getCurrentUid(), newPassword)
return json.dumps({
"result": "success",
"msg": "Password has updated successfully!"
})
def passwordReset():
if request.method == "POST":
email = request.form.get("email")
hashCodeFromUser = request.form.get("hash")
password = request.form.get("password")
confirmPassword = request.form.get("confirm-password")
if email != None and UserModel.isThereThisEmail(email):
hashCode = generatePasswordResetHashCode(email)
if hashCodeFromUser != None and password != None and confirmPassword != None:
if hashCode == hashCodeFromUser and password == confirmPassword:
#Get user id
userId = UserModel.getUserByEmail(email)["uid"]
#Update password
UserModel.updatePassword(userId, password)
flash("Your password updated succesfully. Now you can log in.", "success")
return redirect(url_for("login"))
else:
#Send password reset mail
sendMail({
"To" : email,
"Subject" : "Password Reset - devSeater",
"Body" : render_template("mail/password-reset-mail.html", SITE_ADDR = SITE_ADDR, email = email, hashCode = hashCode)
})
#Show message
flash("If you have entered your email address properly, we sent you an email. Please check your inbox.", "success")
else:
return redirect(url_for("index"))
return redirect(url_for("passwordReset"))
else:
email = request.args.get("email")
hashCode = request.args.get("hash")
return render_template("intro/password-reset.html", email = email, hashCode = hashCode)