def change_password():
# this is basically the same coding as the register function
# needs to be DRY'ed out in the future
user = root.authorized()
if config.auth and not root.authorized(): redirect('/login')
opasswd = request.forms.opasswd
pw1 = request.forms.npasswd1
pw2 = request.forms.npasswd2
# check old passwd
#user = request.forms.user
if _check_user_passwd(user, opasswd) and pw1 == pw2 and len(pw1) > 0:
u = users(user=user)
u.update_record(passwd=_hash_pass(pw1))
db.commit()
else:
return template('error', err="problem with password")
params = {}
params['user'] = user
params['alert'] = "SUCCESS: password changed"
return template('account', params)
评论列表
文章目录
