def profile(): """Update profile for current user.""" if not g.user: flash("Access unauthorized.", "danger") return redirect("/") form = UserEditForm(obj=g.user) # form is valid? if form.validate_on_submit(): # form has valid Pword? if User.authenticate(username=g.user.username, password=form.password.data): g.user.update_from_serial(request.form) db.session.add(g.user) try: db.session.commit() return redirect(url_for("user_routes.users_show", user_id=g.user.id)) except IntegrityError: flash("Username or email already taken", 'danger') return render_template('/users/edit.html', form=form) else: form.password.errors.append("Password is incorrect!") return render_template('/users/edit.html', form=form)