Closed leechristophermurray closed 7 years ago
The old password must always be used to ensure the request to change a password is coming from the right source.
@nick22891 please review
@thinkking please adjust as @nick22891 described.
@matjames007 and @nick22891 please see the most recent commit for a different implementation of feedback for the user. Upon successfully entering the correct old password and successful submission SUCCESS: Your password has been changed.
is given in a green color. The incorrect submission of an old password will give "ERROR: Incorrect password provided. Your password was not changed."
in a red color. this is displayed "Password" title in the profile form.
I just tested this and it seems to be working very well so I've approved this PR. Just made the recommendation to @thinkking to use Bootstrap Alerts (just to be consistent with what we've done elsewhere in the application) but I wouldn't let that prevent merging this into develop.
@nick22891 I will push an update with Bootstrap Alerts soon.
UPDATE: @nick22891 bootstrap alerts are now being used.
@thinkking I edited the HTML and the CSS classes slightly (to make it look more like the other bootstrap alerts in the application).
A logged in user can now change their password. This was implemented by:
.current_user.us_password
variable inCurrentUserFactory.query
so the "New Password" field ofprofile.html
is empty when a user signs in/logs in.chpass()
, inuser-ctrl.js
to accept the inputs of thechpassForm
form inprofile.html
.PUT
request inservices.js
which was then allowed a route (inrouter-user.js
) to submit throughuser.js
.