Bugfix: Wrong account password for updating user

2022-08-27 09:42:48 +01:00 · 2022-08-27 09:42:48 +01:00 · da4a3e41c6
commit da4a3e41c6
parent 77f86f7102
1 changed files with 1 additions and 1 deletions
--- a/ref-test/app/admin/views.py
+++ b/ref-test/app/admin/views.py
@ -215,7 +215,7 @@ def _update_user(id:str):
    if request.method == 'POST': 
        if not user: return jsonify({'error': 'User does not exist.'}), 400
        if form.validate_on_submit():
-            if not user.verify_password(request.form.get('confirm_password')): return jsonify({'error': 'Invalid password for your account.'}), 401
+            if not current_user.verify_password(request.form.get('confirm_password')): return jsonify({'error': 'Invalid password for your account.'}), 401
            success, message = user.update(
                password = request.form.get('password'),
                email = request.form.get('email'),