diff options
Diffstat (limited to 'mediagoblin/edit')
| -rw-r--r-- | mediagoblin/edit/forms.py | 23 | ||||
| -rw-r--r-- | mediagoblin/edit/routing.py | 2 | ||||
| -rw-r--r-- | mediagoblin/edit/views.py | 48 |
3 files changed, 50 insertions, 23 deletions
diff --git a/mediagoblin/edit/forms.py b/mediagoblin/edit/forms.py index ef270237..c67180e9 100644 --- a/mediagoblin/edit/forms.py +++ b/mediagoblin/edit/forms.py @@ -59,17 +59,6 @@ class EditProfileForm(wtforms.Form): class EditAccountForm(wtforms.Form): - old_password = wtforms.PasswordField( - _('Old password'), - description=_( - "Enter your old password to prove you own this account.")) - new_password = wtforms.PasswordField( - _('New password'), - [ - wtforms.validators.Optional(), - wtforms.validators.Length(min=6, max=30) - ], - id="password") license_preference = wtforms.SelectField( _('License preference'), [ @@ -103,3 +92,15 @@ class EditCollectionForm(wtforms.Form): description=_( "The title part of this collection's address. " "You usually don't need to change this.")) + + +class ChangePassForm(wtforms.Form): + old_password = wtforms.PasswordField( + _('Old password'), + [wtforms.validators.Required()], + description=_( + "Enter your old password to prove you own this account.")) + new_password = wtforms.PasswordField( + _('New password'), + [wtforms.validators.Required(), + wtforms.validators.Length(min=6, max=30)]) diff --git a/mediagoblin/edit/routing.py b/mediagoblin/edit/routing.py index 035a766f..622729ac 100644 --- a/mediagoblin/edit/routing.py +++ b/mediagoblin/edit/routing.py @@ -24,3 +24,5 @@ add_route('mediagoblin.edit.account', '/edit/account/', 'mediagoblin.edit.views:edit_account') add_route('mediagoblin.edit.delete_account', '/edit/account/delete/', 'mediagoblin.edit.views:delete_account') +add_route('mediagoblin.edit.pass', '/edit/password/', + 'mediagoblin.edit.views:change_pass') diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index bfcf65b5..508c380d 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -229,18 +229,6 @@ def edit_account(request): form.wants_comment_notification.data if form_validated and \ - form.new_password.data or form.old_password.data: - password_matches = auth_lib.bcrypt_check_password( - form.old_password.data, - user.pw_hash) - if password_matches: - #the entire form validates and the password matches - user.pw_hash = auth_lib.bcrypt_gen_password_hash( - form.new_password.data) - else: - form.old_password.errors.append(_('Wrong password')) - - if form_validated and \ form.license_preference.validate(form): user.license_preference = \ form.license_preference.data @@ -345,3 +333,39 @@ def edit_collection(request, collection): 'mediagoblin/edit/edit_collection.html', {'collection': collection, 'form': form}) + + +@require_active_login +def change_pass(request): + form = forms.ChangePassForm(request.form) + user = request.user + + if request.method == 'POST' and form.validate(): + + if not auth_lib.bcrypt_check_password( + form.old_password.data, user.pw_hash): + form.old_password.errors.append( + _('Wrong password')) + + return render_to_response( + request, + 'mediagoblin/edit/change_pass.html', + {'form': form, + 'user': user}) + + # Password matches + user.pw_hash = auth_lib.bcrypt_gen_password_hash( + form.new_password.data) + user.save() + + messages.add_message( + request, messages.SUCCESS, + _('Your password was changed successfully')) + + return redirect(request, 'mediagoblin.edit.account') + + return render_to_response( + request, + 'mediagoblin/edit/change_pass.html', + {'form': form, + 'user': user}) |