github/plane
0
0
Fork 1
mirror of https://github.com/makeplane/plane synced 2024-06-14 14:31:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: cache invalidation on set password (#4504)

Browse Source
This commit is contained in:
Nikhil 2024-05-17 17:49:35 +05:30 committed by GitHub
parent 1bf80847f5
commit a150a9d268
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apiserver/plane/authentication/views/common.py
View File

@ -16,6 +16,7 @@ from plane.authentication.adapter.error import (
AUTHENTICATION_ERROR_CODES,
)
from django.middleware.csrf import get_token
from plane.utils.cache import invalidate_cache
class CSRFTokenEndpoint(APIView):
@ -51,7 +52,6 @@ class ChangePasswordEndpoint(APIView):
status=status.HTTP_400_BAD_REQUEST,
)
if not user.check_password(old_password):
exc = AuthenticationException(
error_code=AUTHENTICATION_ERROR_CODES[
@ -69,9 +69,7 @@ class ChangePasswordEndpoint(APIView):
results = zxcvbn(new_password)
if results["score"] < 3:
exc = AuthenticationException(
error_code=AUTHENTICATION_ERROR_CODES[
"INVALID_NEW_PASSWORD"
],
error_code=AUTHENTICATION_ERROR_CODES["INVALID_NEW_PASSWORD"],
error_message="INVALID_NEW_PASSWORD",
)
return Response(
@ -89,7 +87,10 @@ class ChangePasswordEndpoint(APIView):
status=status.HTTP_200_OK,
)
class SetUserPasswordEndpoint(APIView):
@invalidate_cache("/api/users/me/")
def post(self, request):
user = User.objects.get(pk=request.user.id)
password = request.data.get("password", False)