def employee_update_password(request, employee_id):
"""
This endpoint update employee password
---
response_serializer: employees.serializers.EmployeeSerializer
parameters:
- name: current_password
required: true
paramType: string
- name: new_password
required: true
paramType: string
responseMessages:
- code: 400
message: Bad request.
- code: 401
message: Unauthorized. Authentication credentials were not provided. Invalid token.
- code: 403
message: Forbidden.
- code: 404
message: Not found
"""
if request.method == 'POST':
try:
current_password = request.data['current_password']
new_password = request.data['new_password']
except Exception as e:
print(e)
raise NotAcceptable(config.USER_DATA_IS_MISSING)
employee = get_object_or_404(Employee, pk=employee_id)
if current_password == new_password:
content = {'detail': config.PASSWORD_EQUAL}
return Response(content, status=status.HTTP_400_BAD_REQUEST)
elif employee.check_password(current_password):
employee.set_password(new_password)
employee.reset_password_code = None
employee.is_password_reset_required = False
employee.save()
serializer = EmployeeSerializer(employee)
return Response(serializer.data, status=status.HTTP_202_ACCEPTED)
else:
content = {'detail': config.WRONG_CURRENT_PASSWORD}
return Response(content, status=status.HTTP_400_BAD_REQUEST)
评论列表
文章目录
