def update_user():
if request.method == 'POST':
email = session['email']
password = request.form['password']
new_password = request.form['new-password']
user = User.find_by_email(email)
try:
if User.change_user_password(email, password, new_password,
user._id):
return redirect(url_for(".user_alerts"))
except UserErrors.UserErrors as e:
return e.message
return render_template("users/update.html")
