1 files changed, 17 insertions, 4 deletions

diff --git a/backend/views.py b/backend/views.py
index e04270b..edd0a2a 100644
--- a/backend/views.py
+++ b/backend/views.py
@@ -148,7 +148,7 @@ def api_auth_register(request):
     try:
         user.save()
     except:
-        return api_error_headers('problem storing user')
+        return api_error_headers('db error')
     user_profile = SJUserProfile(user=user,
                                  username=request.POST['username'],
                                  password=request.POST['password'],
@@ -157,7 +157,7 @@ def api_auth_register(request):
     try:
         user_profile.save()
     except:
-        return api_error_headers('problem storing user profile')
+        return api_error_headers('db error')
     response = api_ok_headers()
     response.write(user_response_str(request, user))
     return response
@@ -184,12 +184,25 @@ def api_auth_checkin(request):
 
 @require_POST
 def api_auth_password(request):
-    """"""
+    """ Change user password """
     form_fields = ['username', 'password']
     response = check_form_fields(request, form_fields)
     if response:
         return response
-    return HttpResponse('Not implemented yet!\n')
+    if request.user.is_authenticated() and request.user.username == request.POST['username']:
+        try:
+            user = auth.models.User.objects.get(username=request.POST['username'])
+            user.set_password(request.POST['password'])
+            user.save()
+            user_profile = user.get_profile()
+            user_profile.password = request.POST['password']
+            user_profile.save()
+        except auth.models.User.DoesNotExist:
+            return api_error_headers('no such user')
+        except:
+            return api_error_headers('db error')
+        return api_ok_headers()
+    return HttpResponse()
 
 #
 # USER API