Added ability to change account password
This commit is contained in:
parent
168a7b62b3
commit
63c7f0336a
4 changed files with 64 additions and 0 deletions
21
Tweeder.py
21
Tweeder.py
|
|
@ -175,6 +175,27 @@ def user_settings():
|
|||
theme=accounts.get_theme(session['username'].lower()))
|
||||
|
||||
|
||||
@app.route("/changepass", methods=['GET', 'POST'])
|
||||
def changepass():
|
||||
logged_in = session['username'] if ('username' in session.keys()) else False
|
||||
if not logged_in: return redirect(url_for('login'))
|
||||
if request.method == 'GET':
|
||||
return render_template('changepass.html', logged_in=logged_in, title="Change Password")
|
||||
elif request.method == 'POST':
|
||||
if request.form['new'] != request.form['confirm']:
|
||||
return render_template('changepass.html', logged_in=logged_in, title="Change Password",
|
||||
error="Passwords do not match!")
|
||||
if request.form['new'] == '':
|
||||
return render_template('changepass.html', logged_in=logged_in, title="Change Password",
|
||||
error="New password cannot be blank!")
|
||||
if accounts.change_password(logged_in, request.form['current'], request.form['new']):
|
||||
return render_template('changepass.html', logged_in=logged_in, title="Change Password",
|
||||
error="Old password was incorrect!")
|
||||
else:
|
||||
return render_template('changepass.html', logged_in=logged_in, title="Change Password",
|
||||
success="Password changed successfully!")
|
||||
|
||||
|
||||
@app.route("/delete/<post_id>", methods=['GET'])
|
||||
def delete_post(post_id):
|
||||
if 'username' not in session.keys(): return redirect(url_for('login'))
|
||||
|
|
|
|||
|
|
@ -86,6 +86,17 @@ def validate_username(username):
|
|||
return 0
|
||||
|
||||
|
||||
def change_password(username, oldpass, newpass):
|
||||
username = username.lower()
|
||||
hashed_password = account_details(username)['password']
|
||||
if hashed_password != bcrypt.hashpw(str.encode(oldpass), hashed_password):
|
||||
return 1 # Old password is incorrect
|
||||
new_hashed = bcrypt.hashpw(str.encode(newpass), bcrypt.gensalt(14))
|
||||
accounts_db.update_one({'username': username},
|
||||
{'$set': {'password': new_hashed}}, upsert=True)
|
||||
return 0 # All good :)
|
||||
|
||||
|
||||
def create_account(email, username, password):
|
||||
displayname = username
|
||||
username = username.lower()
|
||||
|
|
|
|||
26
templates/changepass.html
Normal file
26
templates/changepass.html
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
{% extends 'layout.html' %}
|
||||
{% block content %}
|
||||
<div class="container">
|
||||
{% if success %}
|
||||
<div class="alert alert-success alert-dismissable fade show">
|
||||
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
|
||||
<b>Success!</b> {{ success }}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if error %}
|
||||
<div class="alert alert-danger alert-dismissable fade show">
|
||||
<a href="#" class="close" data-dismiss="alert" aria-label="close">×</a>
|
||||
<b>Error!</b> {{ error }}
|
||||
</div>
|
||||
{% endif %}
|
||||
<form method="POST" action="/changepass" class="col-lg-6" enctype="multipart/form-data">
|
||||
<div class="form-group">
|
||||
<h2>Change Password</h2>
|
||||
<input type="password" name="current" class="form-control mb-2" placeholder="Current Password"/>
|
||||
<input type="password" name="new" class="form-control mb-2" placeholder="New Password"/>
|
||||
<input type="password" name="confirm" class="form-control mb-2" placeholder="Confirm Password"/>
|
||||
<button type="submit" class="btn btn-primary">Change Password</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
|
@ -81,6 +81,12 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<h2>Account Settings</h2>
|
||||
|
||||
<div class="input-group mb-3">
|
||||
<a href="/changepass" class="btn btn-link">I want to change my password</a>
|
||||
</div>
|
||||
|
||||
<button type="submit" class="btn btn-primary">Save</button>
|
||||
</div>
|
||||
</form>
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue