Merge 1ee3633 into 996e83e

phenopolis · May 21, 2017 · 7bf0aa2 · 7bf0aa2
2 parents 996e83e + 1ee3633
commit 7bf0aa2
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 19 deletions.
diff --git a/static/assets/js/phenopolis.js b/static/assets/js/phenopolis.js
@@ -150,7 +150,7 @@ if (!PP) {
         new_password_2: {
           equalTo: 'Both new passwords must match.'
         }
-      }
+      },
       submitHandler: function(form) {
         $('#auth_modal').modal({ dismissible: false, endingTop: '20%' });
         $('#auth_modal').modal('open');
@@ -168,7 +168,7 @@ if (!PP) {
                 $('#change_password_successful').show();
                 $("#change_password_successful").text(data.success);
             },
-            error: function (xhr, msg) {
+            error: function (data, msg) {
                 $('#auth_modal').modal('close');
                 $("#username, #password, #new_password_1, #new_password_2").addClass("invalid");
                 $("#username, #password, #new_password_1, #new_password_2").prop("aria-invalid", "true");

diff --git a/templates/components/change_password_modal.html b/templates/components/change_password_modal.html
@@ -4,8 +4,8 @@
         <i class="material-icons right modal-close">close</i>
         <h4>Change Password</h4>
         <form id="change_password_form" class="col s12">
-            <input type="hidden" value="{{username}}" name="name">
             <div class="row">
+                <input id="change_pwd_name" type="hidden" value={{session['user']}} name="change_pwd_name">
                 <div class="input-field col s12">
                     <i class="material-icons prefix">lock</i>
                     <input id="current_password" type="password" name="current_password">

diff --git a/templates/components/login_modal.html b/templates/components/login_modal.html
@@ -16,7 +16,7 @@ <h4>Login</h4>
                     <input id="password" type="password" placeholder="demo123" name="password">
                     <label for="password">Password</label>
                 </div>
-                <p class="col s12" id="login_form_error_msg" style="display:none; color: #F44336; margin-top: 0; margin-left: -1em;">Authentication failed. Please enter your username and passsword again.<br>Contact us if you continue to have issues logging in.</p>
+                <p class="col s12" id="login_form_error_msg" style="display:none; color: #F44336; margin-top: 0; margin-left: -1em;">Authentication failed. Please enter your username and password again.<br>Contact us if you continue to have issues logging in.</p>
             </div>
         </form>
         <p>Alternatively, select the 'Demo Login' button below to login as a demo user.</p>

diff --git a/tests/test_login.py b/tests/test_login.py
@@ -33,12 +33,11 @@ def login(self, username, password):
     def logout(self):
         return self.app.get('/logout', follow_redirects=True)
 
-    def change_password(self, username, password, new_pass_1, new_pass_2):
+    def change_password(self, username, password, new_pass_1):
         return self.app.post('/change_password', data=dict(
-            name=username,
+            change_pwd_name=username,
             current_password=password,
             new_password_1=new_pass_1,
-            new_password_2=new_pass_2
         ), follow_redirects=True)
 
     def test_login_logout(self):
@@ -60,7 +59,7 @@ def test_change_password(self):
         assert rv.status_code == 200
         assert 'Authenticated' in rv.data
 
-        rv = self.change_password('test', 'test123', 'test456', 'test456')
+        rv = self.change_password('test', 'test123', 'test456')
         assert rv.status_code == 200
         print(rv.data)
         assert 'Password for username \'test\' changed' in rv.data
@@ -72,19 +71,16 @@ def test_change_password(self):
         rv = self.login('test', 'test123')
         assert rv.status_code == 401
 
-        rv = self.change_password('test', 'test456', 'test123', 'test123')
+        rv = self.change_password('test', 'test456', 'test123')
         assert rv.status_code == 200
 
-        rv = self.change_password('demo', 'demo123', 'demo456', 'demo456')
-        assert rv.status_code == 401
-
-        rv = self.change_password('test', 'test123', 'x', 'test456')
+        rv = self.change_password('demo', 'demo123', 'demo456')
         assert rv.status_code == 401
 
-        rv = self.change_password('test', 'x', 'test456', 'test456')
+        rv = self.change_password('test', 'x', 'test456')
         assert rv.status_code == 401
 
-        rv = self.change_password('x', 'test123', 'test456', 'test456')
+        rv = self.change_password('x', 'test123', 'test456')
         assert rv.status_code == 401
 
 if __name__ == '__main__':

diff --git a/views/__init__.py b/views/__init__.py
@@ -193,14 +193,11 @@ def logout():
 # 
 @app.route('/change_password', methods=['POST'])
 def change_password():
-    username = request.form['name']
+    username = request.form['change_pwd_name']
     password = request.form['current_password']
     new_password_1 = request.form['new_password_1']
-    new_password_2 = request.form['new_password_2']
     if username == 'demo': 
         return jsonify(error='You do not have permission to change the password for username \'demo\'.'), 401
-    elif new_password_1 != new_password_2: 
-        return jsonify(error='New password and re-typed password do not match. Please try again.'), 401
     elif not check_auth(username,password):
         print 'Change password:- Login Failed'
         return jsonify(error='Username and current password incorrect. Please try again.'), 401