Commits

nakamura committed 69b67b8

tai.service.web: add password change form

  • Participants
  • Parent commits a24903f

Comments (0)

Files changed (3)

 
 class EmailChangeForm(schema.Schema):
     email = validators.Email(not_empty=True)
+
+
+class PasswordChangeForm(schema.Schema):
+    password0 = validators.String(min=4, not_empty=True)
+    password1 = validators.String(min=4, not_empty=True)
+    password2 = validators.String(min=4, not_empty=True)
+    chained_validators = [validators.FieldsMatch('password1', 'password2')]

tai/service/templates/settings.html

             </div>
         </form>
         {% end %}
+
+        <hr />
+
+        {% apply fillPassword %}
+        <form class="form-horizontal" method="POST">
+            <div class="control-group">
+                <label class="control-label" for="input-password0">Current password</label>
+                <div class="controls">
+                    <input type="password" name="password0" id="input-password0">
+                    <span class="text-error"><form:error name="password0" format="escapenl" /></span>
+                </div>
+            </div>
+            <div class="control-group">
+                <label class="control-label" for="input-password1">Password</label>
+                <div class="controls">
+                    <input type="password" name="password1" id="input-password1">
+                    <span class="text-error"><form:error name="password1" format="escapenl" /></span>
+                </div>
+            </div>
+            <div class="control-group">
+                <label class="control-label" for="input-password2">Password confirmation</label>
+                <div class="controls">
+                    <input type="password" name="password2" id="input-password2">
+                    <span class="text-error"><form:error name="password2" format="escapenl" /></span>
+                </div>
+            </div>
+            <div class="control-group">
+                <div class="controls">
+                    <input type="submit" class="btn btn-primary" name='change-password' value="submit">
+                </div>
+            </div>
+        </form>
+        {% end %}
     </div>
 </div>
 {% end %}

tai/service/web.py

         self.render('email-confirm.html')
 
     def post_password(self, input):
-        raise NotImplementedError()
+        try:
+            validInput = PasswordChangeForm.to_python(input)
+
+        except validators.Invalid as e:
+            errors = e.error_dict or {}
+
+            self.render('settings.html',
+                        fillEmail=self.getFillEmail(),
+                        fillPassword=self.getFillPassword(defaults=input,
+                                                          errors=errors))
+
+            return
+
+        user = self.avatar.user
+
+        if crypt(validInput['password0'], user.password) != user.password:
+            errors = {'password0': "don't match current password"}
+
+            self.render('settings.html',
+                        fillEmail=self.getFillEmail(),
+                        fillPassword=self.getFillPassword(defaults=input,
+                                                          errors=errors))
+
+            return
+
+        user.password = crypt(validInput['password1'])
+        transaction.commit()
+
+        # TODO: notice user that his password was changed
+        self.redirect(self.reverse_url(type(self).__name__))
 
     def getFillEmail(self, defaults=None, errors=None):
         if defaults is None: