Blog
Changes a user's password. Regular users may only change their own passwords and super-users may change any other person's password. No matter who is changing the password, the new one must confirm to the configuration.
Super-users may also set password expiry and a flag indicating that the referenced user change his or her password the next time this person logs in.
change_password(self, cid, data, current_ust, current_app, remote_addr)
cid
: Correlation ID used by audit logdata
: A dictionary of input values to change the password withcurrent_ust
: Current user's USTcurrent_app
: Name of application the current user is issuing the call fromremote_addr
: User's remote addressReturns
: (None)The 'data' dictionary is in the format described below:
Name | Datatype | Optional | Needs super-user | Notes |
---|---|---|---|---|
old_password | string | Yes | --- | Required if current user changes his or her own password |
new_password | string | --- | --- | New password to set for user |
user_id | string | Yes | Yes | ID of user whose password is to be changed, required if a super-user wants to change another person's password |
password_expiry | integer | Yes | Yes | Optionally, after how many days from current time the password will expire. If not set, a default value from configuration will be used. |
must_change | bool | Yes | Yes | If True, the person whose password is being change will need to reset it on next login |
# -*- coding: utf-8 -*-
# Zato
from zato.server.service import Service
class ChangePasswordCurrentUser(Service):
def handle(self):
# Data obtained from request and/or WSGI environment
ust = 'gAAAAABalFycY50Budi...'
current_app = 'CRM'
remote_addr = '127.0.0.1'
# Since this is a password change for current user,
# both old and new password are needed on input
data = {
'old_password': '<old-password>',
'new_password': '<new-password>',
}
# Change the password now, no exception = success
self.sso.user.change_password(self.cid, data, current_ust, current_app, remote_addr)
# -*- coding: utf-8 -*-
# Zato
from zato.server.service import Service
class ChangePasswordAnotherUser(Service):
def handle(self):
# Data obtained from request and/or WSGI environment
ust = 'gAAAAABalFycY50Budi...'
current_app = 'CRM'
remote_addr = '127.0.0.1'
# This time around, a super-user changes another person's password
# so the old password is not needed. On top of it, the other user
# will need to change the password the next time he or she logs in.
data = {
'user_id': 'zusr6pxpqqg4j09t5vhw1ehtmebshy',
'new_password': '<new-password>',
'must_change': True,
}
# Change the password now, no exception = success
self.sso.user.change_password(self.cid, data, current_ust, current_app, remote_addr)