MCPcopy Create free account
hub / github.com/pgadmin-org/pgadmin4 / change_password

Function change_password

web/pgadmin/browser/__init__.py:895–947  ·  view source on GitHub ↗

View function which handles a change password request.

()

Source from the content-addressed store, hash-verified

893 @pgCSRFProtect.exempt
894 @pga_login_required
895 def change_password():
896 """View function which handles a change password request."""
897
898 form_class = _security.forms.get('change_password_form').cls
899 req_json = request.get_json(silent=True)
900
901 if not req_json:
902 form = form_class()
903 return {
904 'csrf_token': form.csrf_token._value()
905 }
906 elif req_json:
907 form = form_class(MultiDict(req_json))
908 if form.validate():
909 errormsg = None
910 # change_user_password from flask-security logs out the user
911 # this is undesirable, so change password on own
912 try:
913 user = User.query.filter(
914 User.fs_uniquifier == current_user.fs_uniquifier)\
915 .first()
916 user.password = hash_password(form.new_password.data)
917
918 try:
919 send_password_changed_notice(user)
920 except Exception as _:
921 # No need to throw error if failed in sending email
922 pass
923 except Exception as e:
924 # Handle other exceptions.
925 logging.exception(str(e), exc_info=True)
926 errormsg = gettext(PASS_ERROR).format(e)
927
928 if errormsg is None:
929 old_key = get_crypt_key()[1]
930 set_crypt_key(form.new_password.data, False)
931
932 from pgadmin.browser.server_groups.servers.utils \
933 import reencrpyt_server_passwords
934 reencrpyt_server_passwords(
935 current_user.id, old_key, form.new_password.data)
936
937 db.session.commit()
938 elif errormsg is not None:
939 return internal_server_error(errormsg)
940 else:
941 return bad_request(_first_form_error_message(
942 form, gettext('Invalid input.')))
943
944 return make_json_response(
945 success=1,
946 info=gettext('pgAdmin user password changed successfully')
947 )
948
949# Only register route if SECURITY_RECOVERABLE is set to True
950if hasattr(config, 'SECURITY_RECOVERABLE') and config.SECURITY_RECOVERABLE:

Callers

nothing calls this directly

Calls 12

get_crypt_keyFunction · 0.90
set_crypt_keyFunction · 0.90
internal_server_errorFunction · 0.90
bad_requestFunction · 0.90
make_json_responseFunction · 0.90
gettextFunction · 0.85
filterMethod · 0.80
firstMethod · 0.65
getMethod · 0.45
validateMethod · 0.45

Tested by

no test coverage detected