changing password in settings dialog

2024-12-26 17:21:23 +08:00 · 2017-09-12 22:23:57 -04:00 · 2017-09-12 22:23:57 -04:00 · 3e97cdf085
commit 3e97cdf085
parent b0957a0c8f
3 changed files with 48 additions and 6 deletions
--- a/src/my_scrypt.py
+++ b/src/my_scrypt.py
@ -2,18 +2,20 @@ import scrypt  # pip install scrypt
 import sql

 def getVerificationHash(password):
-    # getOption returns unicode bytes which scrypt doesn't like
-    salt = sql.getOption('verification_salt').encode('ascii', 'ignore')
+    salt = sql.getOption('verification_salt')

    return getScryptHash(password, salt)

 def getEncryptionHash(password):
-    # getOption returns unicode bytes which scrypt doesn't like
-    salt = sql.getOption('encryption_salt').encode('ascii', 'ignore')
+    salt = sql.getOption('encryption_salt')

    return getScryptHash(password, salt)

 def getScryptHash(password, salt):
+    # scrypt doesn't like unicode strings
+    password = password.encode('ascii', 'ignore')
+    salt = salt.encode('ascii', 'ignore')
+
    hashed = scrypt.hash(password=password,
                salt=salt,
                N=16384,
--- a/src/password_api.py
+++ b/src/password_api.py
@ -3,6 +3,7 @@ from flask_login import login_required
 import hashlib
 import binascii
 import sql
+import change_password

 password_api = Blueprint('password_api', __name__)

@ -20,3 +21,12 @@ def verifyPassword():
    return jsonify({
        'valid': isValid
    })
+
+@password_api.route('/password/change', methods = ['POST'])
+@login_required
+def changePassword():
+    req = request.get_json(force=True)
+
+    result = change_password.change_password(req['current_password'], req['new_password'])
+
+    return jsonify(result)
--- a/static/js/settings.js
+++ b/static/js/settings.js
@ -8,7 +8,37 @@ function displaySettings() {
 }

 $("#changePasswordForm").submit(() => {
-    console.log("Submit");
+    const oldPassword = $("#oldPassword").val();
+    const newPassword1 = $("#newPassword1").val();
+    const newPassword2 = $("#newPassword2").val();
+
+    $("#oldPassword").val('');
+    $("#newPassword1").val('');
+    $("#newPassword2").val('');
+
+    if (newPassword1 != newPassword2) {
+        alert("New passwords are not the same.");
+        return false;
+    }
+
+    $.ajax({
+        url: baseUrl + 'password/change',
+        type: 'POST',
+        data: JSON.stringify({
+            'current_password': oldPassword,
+            'new_password': newPassword1
+        }),
+        contentType: "application/json",
+        success: function (result) {
+            if (result.success) {
+                alert("Password has been changed.");
+            }
+            else {
+                alert(result.message);
+            }
+        },
+        error: () => alert("Error occurred during changing password.")
+    });

    return false;
 });