implemented /change_password
This commit is contained in:
parent
74cd0713ec
commit
8daf81ac46
26
buckler.py
26
buckler.py
|
@ -58,11 +58,33 @@ async def index(request):
|
||||||
return render_template("index.html", request, locals())
|
return render_template("index.html", request, locals())
|
||||||
|
|
||||||
|
|
||||||
@routes.get(config.url_prefix + '/change_password', name='change_password')
|
@routes.post(config.url_prefix + '/change_password', name='change_password')
|
||||||
@auth.auth_required
|
@auth.auth_required
|
||||||
async def change_password(request):
|
async def change_password(request):
|
||||||
"""Allows a user to change their password."""
|
"""Allows a user to change their password."""
|
||||||
pass
|
data = await request.post()
|
||||||
|
current_pw = data.get('current_password')
|
||||||
|
new_pw = data.get('new_password')
|
||||||
|
verify_pw = data.get('verify_password')
|
||||||
|
|
||||||
|
if not all(current_pw, new_pw, verify_pw):
|
||||||
|
return
|
||||||
|
if not new_pw == verify_pw:
|
||||||
|
return
|
||||||
|
|
||||||
|
async with request.app['pool'].acquire() as conn:
|
||||||
|
pw_hash = conn.fetchrow(
|
||||||
|
"SELECT password_hash FROM user_info WHERE id = $1",
|
||||||
|
request['session']['id'])
|
||||||
|
if not argon2.verify(current_pw, pw_hash['password_hash']):
|
||||||
|
return
|
||||||
|
h = argon2.hash(new_pw)
|
||||||
|
conn.execute(
|
||||||
|
"UPDATE user_info SET password_hash = $1 WHERE id = $2",
|
||||||
|
h, request['session']['id'])
|
||||||
|
index_url = request.app.router['index'].url_for()
|
||||||
|
raise web.HTTPFound(location=index_url)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@routes.get(config.url_prefix + '/login', name='login')
|
@routes.get(config.url_prefix + '/login', name='login')
|
||||||
|
|
|
@ -54,3 +54,17 @@ tr {
|
||||||
td {
|
td {
|
||||||
text-align: center;
|
text-align: center;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#change_password {
|
||||||
|
border: none;
|
||||||
|
border-collapse: separate;
|
||||||
|
width: auto;
|
||||||
|
}
|
||||||
|
|
||||||
|
#change_password tr {
|
||||||
|
border: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
#change_password td {
|
||||||
|
text-align: left;
|
||||||
|
}
|
||||||
|
|
|
@ -63,12 +63,20 @@
|
||||||
<article style="display: none;">
|
<article style="display: none;">
|
||||||
<hr>
|
<hr>
|
||||||
<form action="{{ request.app.router['change_password'].url_for() }}" method="post" enctype="application/x-www-form-urlencoded">
|
<form action="{{ request.app.router['change_password'].url_for() }}" method="post" enctype="application/x-www-form-urlencoded">
|
||||||
<label for="current_password">Current password</label>
|
<table id="change_password">
|
||||||
<input id="current_password" name="current_password" type="password"><br>
|
<tr>
|
||||||
<label for="new_password">New password</label>
|
<td><label for="current_password">Current password</label></td>
|
||||||
<input id="new_password" name="new_password" type="password"><br>
|
<td><input id="current_password" name="current_password" type="password"></td>
|
||||||
<label for="verify_password">Verify password</label>
|
</tr>
|
||||||
<input id="verify_password" name="verify_password" type="password"><br>
|
<tr>
|
||||||
|
<td><label for="new_password">New password</label></td>
|
||||||
|
<td><input id="new_password" name="new_password" type="password"></td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><label for="verify_password">Verify password</label></td>
|
||||||
|
<td><input id="verify_password" name="verify_password" type="password"></td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
<input type="submit" value="Submit">
|
<input type="submit" value="Submit">
|
||||||
</form>
|
</form>
|
||||||
</article>
|
</article>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user