change password v1

Lab2/database_helper.py

@@ -111,3 +111,13 @@ def get_data_email(email):
         return None
     except:
         return None
+
+
+def change_password(email, newpassword):
+    try:
+        sql = "UPDATE USERS SET password = 'newpassword1' WHERE email = 'cbdgsdsd11mail.com';"
+        get_db().execute(sql)
+        get_db().commit()
+        return True
+    except:
+        return False

Lab2/server.py

@@ -82,8 +82,13 @@ def sign_out():
 def change_password():
     data = request.get_json()
     if('token' in data and 'oldPassword' in data and 'newPassword' in data):
-        return True
-        #return "", 204
+        if database_helper.is_online(data['token']):
+            email = database_helper.tokenToEmail(data['token'])
+            #check old password is good
+            if database_helper.change_password(email, data['newPassword']):
+                return "", 204
+        else:
+            return "", 401
     else:
         return "", 400
 
@@ -94,7 +99,7 @@ def get_user_data_token(token):
     if email:
         return get_user_data_email(token, email)
     else:
-        return "", 403
+        return "", 401
 
 
 @app.route("/account/get/data/<token>/<email>", methods = ['GET'])
@@ -108,14 +113,13 @@ def get_user_data_email(token, email):
                 "gender": data[2],
                 "city": data[3],
                 "country": data[4],
-                "email": data[5],
-                "password": data[6],
+                "email": data[5]
             }
             return jsonify(value), 200
         else:
             return "", 404
     else:
-        return "", 403
+        return "", 401
 
 def generate_token():
     characters = string.ascii_letters + string.digits