feat: add endpoint to change user password with validation for current password
This commit is contained in:
parent
c5ec574873
commit
facc27def3
@ -100,6 +100,22 @@ def delete_user(user_id):
|
||||
db.session.commit()
|
||||
return jsonify({'message': 'User deleted!'}), 200
|
||||
|
||||
@user_bp.route('/users/change_password', methods=['PUT'])
|
||||
def change_password():
|
||||
data = request.json
|
||||
current_password = data.get('current_password')
|
||||
new_password = data.get('new_password')
|
||||
|
||||
if not current_password or not new_password:
|
||||
return jsonify({'message': 'Current and new passwords are required!'}), 400
|
||||
|
||||
if not check_password_hash(g.user.password, current_password):
|
||||
return jsonify({'message': 'Current password is incorrect!'}), 401
|
||||
|
||||
g.user.password = generate_password_hash(new_password)
|
||||
db.session.commit()
|
||||
return jsonify({'message': 'Password changed successfully!'}), 200
|
||||
|
||||
@user_bp.route('/games/<int:game_id>', methods=['PUT'])
|
||||
def edit_game(game_id):
|
||||
if not authenticate():
|
||||
|
Loading…
Reference in New Issue
Block a user