feat: change password support

2023-12-29 00:12:30 -08:00 · 2023-12-29 00:12:30 -08:00 · 9bd48ffd93
commit 9bd48ffd93
parent 450b9b6aef
3 changed files with 108 additions and 1 deletions
--- a/backend/apps/web/models/auths.py
+++ b/backend/apps/web/models/auths.py
@ -64,6 +64,11 @@ class SigninForm(BaseModel):
    password: str


+class UpdatePasswordForm(BaseModel):
+    password: str
+    new_password: str
+
+
 class SignupForm(BaseModel):
    name: str
    email: str
@ -109,7 +114,24 @@ class AuthsTable:
        except:
            return None

-    def delete_auth_by_id(self, id: str) -> Optional[UserModel]:
+    def update_user_password_by_id(
+        self, id: str, password: str, new_password: str
+    ) -> bool:
+        try:
+            auth = Auth.get(Auth.id == id, Auth.active == True)
+            if auth:
+                if verify_password(password, auth.password):
+                    query = Auth.update(password=new_password).where(Auth.id == id)
+                    result = query.execute()
+                    print(result)
+                    return True
+                else:
+                    return False
+            return True
+        except:
+            return False
+
+    def delete_auth_by_id(self, id: str) -> bool:
        try:
            # Delete User
            result = Users.delete_user_by_id(id)
--- a/backend/apps/web/routers/auths.py
+++ b/backend/apps/web/routers/auths.py
@ -11,6 +11,7 @@ import uuid
 from apps.web.models.auths import (
    SigninForm,
    SignupForm,
+    UpdatePasswordForm,
    UserResponse,
    SigninResponse,
    Auths,
@ -53,6 +54,24 @@ async def get_session_user(cred=Depends(bearer_scheme)):
        )


+############################
+# Update Password
+############################
+
+
+@router.post("/update/password", response_model=bool)
+async def update_password(form_data: UpdatePasswordForm, cred=Depends(bearer_scheme)):
+    token = cred.credentials
+    user = Users.get_user_by_token(token)
+
+    if user:
+        hashed = get_password_hash(form_data.new_password)
+        return Auths.update_user_password_by_id(user.id, form_data.password, hashed)
+
+    else:
+        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
+
+
 ############################
 # SignIn
 ############################