ManuelW/MikaList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add endpoint to change user password with validation for current password

Browse Source
This commit is contained in:
Manuel Weiser 2024-09-03 21:11:02 +02:00
parent c5ec574873
commit facc27def3
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
game_collection/user_management.py
View File

@ -100,6 +100,22 @@ def delete_user(user_id):
db.session.commit() db.session.commit()
return jsonify({'message': 'User deleted!'}), 200 return jsonify({'message': 'User deleted!'}), 200
@user_bp.route('/users/change_password', methods=['PUT'])
def change_password():
data = request.json
current_password = data.get('current_password')
new_password = data.get('new_password')
if not current_password or not new_password:
return jsonify({'message': 'Current and new passwords are required!'}), 400
if not check_password_hash(g.user.password, current_password):
return jsonify({'message': 'Current password is incorrect!'}), 401
g.user.password = generate_password_hash(new_password)
db.session.commit()
return jsonify({'message': 'Password changed successfully!'}), 200
@user_bp.route('/games/<int:game_id>', methods=['PUT']) @user_bp.route('/games/<int:game_id>', methods=['PUT'])
def edit_game(game_id): def edit_game(game_id):
if not authenticate(): if not authenticate():