'Change password' support

5 files changed, 56 insertions, 8 deletions

diff --git a/app/forms.py b/app/forms.py
index 8cf9b6e..6c5782a 100644
--- a/app/forms.py
+++ b/app/forms.py
@@ -3,7 +3,7 @@ import flask
 from flask.ext.wtf import Form as _Form
 from wtforms.fields import DateField, IntegerField, StringField, HiddenField, PasswordField
 from wtforms import validators as v
-from wtforms import fields
+from wtforms import fields, ValidationError
 
 from wtforms.ext.sqlalchemy.fields import QuerySelectField
 from wtforms.ext.i18n.form import Form as i18nForm
@@ -113,3 +113,16 @@ class LoginForm(Form):
 
         self.user = user
         return True
+
+class ChangePwdForm(Form):
+    old = PasswordField(u'Passwort', req)
+    new = PasswordField(u'Neues Passwort', req + [v.EqualTo('confirm', u'Passwörter stimmen nicht überein')])
+    confirm = PasswordField(u'Wdh. neues Passwort', req)
+
+    def validate_old(self, field):
+        if not login.current_user.check_password(field.data):
+            raise ValidationError(u"Falsches Passwort")
+
+    @property
+    def newpwd(self):
+        return self.new.data
diff --git a/app/login.py b/app/login.py
index be89f09..7098db4 100644
--- a/app/login.py
+++ b/app/login.py
@@ -13,9 +13,13 @@ login_manager.init_app(app)
 login_manager.login_message = u"Bitte einloggen!"
 
 class User (model.User, UserMixin):
+
     def check_password(self, pwd):
         return pwd_context.verify(pwd, self.pwd)
 
+    def set_password(self, pwd):
+        self.pwd = pwd_context.encrypt(pwd)
+
 @login_manager.user_loader
 def load_user(id):
     return User.get(id)
diff --git a/app/views/user.py b/app/views/user.py
index e3c9251..a532c45 100644
--- a/app/views/user.py
+++ b/app/views/user.py
@@ -1,12 +1,12 @@
+# -*- encoding: utf-8 -*-
 from . import Blueprint, flash, db, \
         current_user, login_required, \
-        templated, request, url_for
+        templated, redirect, request, url_for
 
-from ..forms import LoginForm
+from ..forms import LoginForm, ChangePwdForm
 from ..login import login_user, logout_user, login_manager
 
-# we explicitly need flask's redirect and not our variant
-from flask import redirect
+import flask
 
 mod = Blueprint('user', __name__)
 
@@ -17,13 +17,28 @@ def login():
 
    if form.validate_on_submit():
        login_user(form.user)
-       return redirect(request.args.get('next') or url_for('index'))
+       # we explicitly need flask's variant as we redirect to a URI
+       return flask.redirect(request.args.get('next') or url_for('index'))
 
    return { 'form': form }
 
+@mod.route('/cpw', methods=('GET', 'POST'))
+@login_required
+@templated
+def cpw():
+    form = ChangePwdForm()
+
+    if form.validate_on_submit():
+        current_user.set_password(form.newpwd)
+        db.session.commit()
+        flash(u"Passwort geändert.")
+        return redirect('index')
+
+    return { 'form': form }
+
 @mod.route('/logout')
 def logout():
     logout_user()
-    return redirect(url_for('.login'))
+    return redirect('.login')
 
 login_manager.login_view = 'user.login'
diff --git a/templates/menu.jinja b/templates/menu.jinja
index cebe1e5..a4e2b49 100644
--- a/templates/menu.jinja
+++ b/templates/menu.jinja
@@ -6,5 +6,8 @@
         ]
 %}
 {% if current_user.is_authenticated() %}
-    {% set menu = menu + [("user.logout", "Logout")] %}
+    {% set menu = menu + [
+        ("user.cpw", "Passwort ändern"),
+        ("user.logout", "Logout")]
+    %}
 {% endif %}
diff --git a/templates/user/cpw.jinja b/templates/user/cpw.jinja
new file mode 100644
index 0000000..74d65dc
--- /dev/null
+++ b/templates/user/cpw.jinja
@@ -0,0 +1,13 @@
+{% extends "layout.jinja" %}
+{% from "macros.jinja" import render_form %}
+
+{% block heading %}
+    Passwort ändern
+{% endblock %}
+
+{% block content %}
+    <form name="login" method="post">
+        {{ render_form(form, old = {'autofocus' : True}) }}
+        <input type="submit">
+    </form>
+{% endblock %}