From d775089ad63f271679b609828c0cdcf6b354d715 Mon Sep 17 00:00:00 2001
From: Dominic DiTaranto <domdit@gmail.com>
Date: Tue, 29 Oct 2024 12:04:25 -0400
Subject: password change

---
 web/views.py | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

(limited to 'web/views.py')

diff --git a/web/views.py b/web/views.py
index cc537c4..0009739 100644
--- a/web/views.py
+++ b/web/views.py
@@ -1,8 +1,11 @@
-from django.shortcuts import render
-from web.models import Event, Availability
-from django.shortcuts import get_object_or_404, redirect
 from datetime import timedelta
+from django.contrib.auth import update_session_auth_hash
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.forms import PasswordChangeForm
+from django.contrib.auth.views import PasswordChangeView
+from django.shortcuts import get_object_or_404, redirect, render
+from django.urls import reverse_lazy
+from web.models import Event, Availability
 
 
 @login_required()
@@ -27,6 +30,21 @@ def index(request):
     return render(request, "index.html", context)
 
 
+def change_password(request):
+    if request.method == 'POST':
+        form = PasswordChangeForm(request.user, request.POST)
+        if form.is_valid():
+            user = form.save()
+            update_session_auth_hash(request, user)
+            return redirect('password_change_done')
+    else:
+        form = PasswordChangeForm(request.user)
+    return render(request, 'change-password/change_password.html', {'form': form})
+
+def password_change_done(request):
+    return render(request, 'change-password/password_change_done.html')
+
+
 @login_required()
 def event(request, event_id):
 
-- 
cgit v1.2.3-70-g09d2