moved change pass to a seperate view and fixed issues 709
authorRodney Ewing <ewing.rj@gmail.com>
Mon, 20 May 2013 21:04:02 +0000 (14:04 -0700)
committerRodney Ewing <ewing.rj@gmail.com>
Mon, 20 May 2013 21:28:43 +0000 (14:28 -0700)
mediagoblin/edit/forms.py
mediagoblin/edit/routing.py
mediagoblin/edit/views.py
mediagoblin/templates/mediagoblin/edit/change_pass.html [new file with mode: 0644]
mediagoblin/templates/mediagoblin/edit/edit_account.html

index ef2702370e62d86e0be96dc7e120e16932d2b10b..c67180e9915c826470ae7b364627f06bbf5c65c3 100644 (file)
@@ -59,17 +59,6 @@ class EditProfileForm(wtforms.Form):
 
 
 class EditAccountForm(wtforms.Form):
-    old_password = wtforms.PasswordField(
-        _('Old password'),
-        description=_(
-            "Enter your old password to prove you own this account."))
-    new_password = wtforms.PasswordField(
-        _('New password'),
-        [
-            wtforms.validators.Optional(),
-            wtforms.validators.Length(min=6, max=30)
-        ],
-        id="password")
     license_preference = wtforms.SelectField(
         _('License preference'),
         [
@@ -103,3 +92,15 @@ class EditCollectionForm(wtforms.Form):
         description=_(
             "The title part of this collection's address. "
             "You usually don't need to change this."))
+
+
+class ChangePassForm(wtforms.Form):
+    old_password = wtforms.PasswordField(
+        _('Old password'),
+        [wtforms.validators.Required()],
+        description=_(
+            "Enter your old password to prove you own this account."))
+    new_password = wtforms.PasswordField(
+        _('New password'),
+        [wtforms.validators.Required(),
+         wtforms.validators.Length(min=6, max=30)])
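Review bot: `Length(min=6, max=30)` on `new_password` caps passwords at 30 characters, which rejects long passphrases for no benefit visible in this commit. The view hashes the value with bcrypt, which uses up to the first 72 bytes of its input, so the bound could be raised, e.g. `wtforms.validators.Length(min=6, max=72)`. Separately, the removed `EditAccountForm.new_password` carried `id="password"` and this field does not, while the new template still loads `show_password.js`; if that script locates the field by that id the toggle will no longer attach, so either keep `id="password"` or drop the script include. The class would also benefit from a one-line docstring such as `"""Form for changing the logged-in user's password."""`.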
index 035a766fe645fe5a4ff1c1112be1542612bf13af..622729ac3dd0f4eb2b37d25cf52017232c4874f5 100644 (file)
@@ -24,3 +24,5 @@ add_route('mediagoblin.edit.account', '/edit/account/',
     'mediagoblin.edit.views:edit_account')
 add_route('mediagoblin.edit.delete_account', '/edit/account/delete/',
     'mediagoblin.edit.views:delete_account')
+add_route('mediagoblin.edit.pass', '/edit/password/',
+    'mediagoblin.edit.views:change_pass')
index bfcf65b5eca4a5b2eee6d7ba9d4b088022aefe15..508c380d400334f778db50adde10518c688c0344 100644 (file)
@@ -228,18 +228,6 @@ def edit_account(request):
             user.wants_comment_notification = \
                 form.wants_comment_notification.data
 
-        if form_validated and \
-                form.new_password.data or form.old_password.data:
-            password_matches = auth_lib.bcrypt_check_password(
-                form.old_password.data,
-                user.pw_hash)
-            if password_matches:
-                #the entire form validates and the password matches
-                user.pw_hash = auth_lib.bcrypt_gen_password_hash(
-                    form.new_password.data)
-            else:
-                form.old_password.errors.append(_('Wrong password'))
-
         if form_validated and \
                 form.license_preference.validate(form):
             user.license_preference = \
@@ -345,3 +333,39 @@ def edit_collection(request, collection):
         'mediagoblin/edit/edit_collection.html',
         {'collection': collection,
          'form': form})
+
+
+@require_active_login
+def change_pass(request):
+    form = forms.ChangePassForm(request.form)
+    user = request.user
+
+    if request.method == 'POST' and form.validate():
+
+        if not auth_lib.bcrypt_check_password(
+                form.old_password.data, user.pw_hash):
+            form.old_password.errors.append(
+                _('Wrong password'))
+
+            return render_to_response(
+                request,
+                'mediagoblin/edit/change_pass.html',
+                {'form': form,
+                 'user': user})
+
+        # Password matches
+        user.pw_hash = auth_lib.bcrypt_gen_password_hash(
+            form.new_password.data)
+        user.save()
+
+        messages.add_message(
+            request, messages.SUCCESS,
+            _('Your password was changed successfully'))
+
+        return redirect(request, 'mediagoblin.edit.account')
+
+    return render_to_response(
+        request,
+        'mediagoblin/edit/change_pass.html',
+        {'form': form,
+         'user': user})
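Review bot: The wrong-password branch of `change_pass` neither records nor limits failed `bcrypt_check_password` attempts, so someone with access to a logged-in session (an unattended browser, for instance) can retry the current password without leaving a trace. Nothing in the visible lines expires the account's other sessions or notifies the owner after `user.save()` either, though that may be handled elsewhere. I would at least mark the gap at that branch with `# TODO: log and throttle failed old-password checks; expire other sessions on success`. On style, the early `render_to_response` duplicates the one at the end of the function; dropping the early return and moving the success path into an `else:` leaves a single render call. The function also lacks a docstring; one sentence saying it verifies the old password before storing a new bcrypt hash and redirecting to `mediagoblin.edit.account` would be enough.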
diff --git a/mediagoblin/templates/mediagoblin/edit/change_pass.html b/mediagoblin/templates/mediagoblin/edit/change_pass.html
new file mode 100644 (file)
index 0000000..a621751
--- /dev/null
@@ -0,0 +1,52 @@
+{#
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011, 2012 MediaGoblin contributors.  See AUTHORS.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#}
+{% extends "mediagoblin/base.html" %}
+
+{% import "/mediagoblin/utils/wtforms.html" as wtforms_util %}
+
+{% block mediagoblin_head %}
+  <script type="text/javascript"
+          src="{{ request.staticdirect('/js/show_password.js') }}"></script>
+{% endblock mediagoblin_head %}
+
+{% block title -%}
+  {% trans username=user.username -%}
+    Changing {{ username }}'s password
+  {%- endtrans %} &mdash; {{ super() }}
+{%- endblock %}
+
+{% block mediagoblin_content %}
+  <form action="{{ request.urlgen('mediagoblin.edit.pass') }}"
+        method="POST" enctype="multipart/form-data">
+    <div class="form_box edit_box">
+      <h1>
+        {%- trans username=user.username -%}
+          Changing {{ username }}'s password
+        {%- endtrans -%}
+      </h1>
+      {{ wtforms_util.render_divs(form) }}
+                       {{ csrf_token }}
+      <div class="form_submit_buttons">
+        <input type="submit" value="{% trans %}Save{% endtrans %}"
+                               class="button_form" />
+                       </div>
+               </div>
+       </form>
+{% endblock %}
+
+
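Review bot: The form declares `enctype="multipart/form-data"` although it only renders the `ChangePassForm` password fields and the CSRF token, with no file input; the default encoding is sufficient, so the tag can be reduced to `<form action="{{ request.urlgen('mediagoblin.edit.pass') }}" method="POST">`. From the `{{ csrf_token }}` line onward the closing tags appear to be indented with a different mix of whitespace than the rest of the file (it looks like tabs alongside spaces), which is worth normalising to the two-space style used above.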
index 7fe2c0310268c5aa1298c55ea7d39a6a3120c153..dfb216e558baf8d767ee79949b70a614225531bc 100644 (file)
         {%- trans username=user.username -%}
           Changing {{ username }}'s account settings
         {%- endtrans -%}
-      </h1>
-      {{ wtforms_util.render_field_div(form.old_password) }}
-      {{ wtforms_util.render_field_div(form.new_password) }}
+                       </h1>
+                       <p>{% trans %}Change your{% endtrans %}
+                               <a href="{{ request.urlgen('mediagoblin.edit.pass') }}">
+                                       {% trans %}password.{% endtrans %}
+                               </a>
+                       </p>
       <div class="form_field_input">
         <p>{{ form.wants_comment_notification }}
            {{ wtforms_util.render_label(form.wants_comment_notification) }}</p>