feat: add endpoint to change user password with validation for current password

This commit is contained in:
Manuel Weiser 2024-09-03 21:11:02 +02:00
parent c5ec574873
commit facc27def3

View File

@ -100,6 +100,22 @@ def delete_user(user_id):
db.session.commit()
return jsonify({'message': 'User deleted!'}), 200
@user_bp.route('/users/change_password', methods=['PUT'])
def change_password():
data = request.json
current_password = data.get('current_password')
new_password = data.get('new_password')
if not current_password or not new_password:
return jsonify({'message': 'Current and new passwords are required!'}), 400
if not check_password_hash(g.user.password, current_password):
return jsonify({'message': 'Current password is incorrect!'}), 401
g.user.password = generate_password_hash(new_password)
db.session.commit()
return jsonify({'message': 'Password changed successfully!'}), 200
@user_bp.route('/games/<int:game_id>', methods=['PUT'])
def edit_game(game_id):
if not authenticate():