for password change old password is required

login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp

@@ -149,7 +149,44 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
 
 				if (str_val.size() > 0) {
 					
+					std::string old_password;
+					auto old_password_obj = updates->get("User.password_old");
+					if (old_password_obj.isEmpty()) {
+						jsonErrorsArray.add("User.password_old not found");
+					}
+					else if (!old_password_obj.isString()) {
+						jsonErrorsArray.add("User.password_old isn't a string");
+					}
+					else {
+						old_password_obj.convert(old_password);
+					}
+
+					bool old_password_valid = false;
 					NotificationList errors; 
+					if (old_password.size()) {
+						if (!sm->checkPwdValidation(old_password, &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) {
+							jsonErrorsArray.add("User.password_old didn't match");
+							Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime);
+						}
+						else {
+							auto result = user->login(old_password);
+							if (result == 1) {
+								old_password_valid = true;
+							}
+							else if (result == -3) {
+								jsonErrorsArray.add("Password calculation for this user already running, please try again later");
+							}
+							else {
+								jsonErrorsArray.add("User.password_old didn't match");
+							}
+							
+							if (result == 2) {
+								Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime);
+							}
+						}
+
+					}
+					
 					if (!sm->checkPwdValidation(value.toString(), &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) {
 						jsonErrorsArray.add("User.password isn't valid");
 						jsonErrorsArray.add(errors.getErrorsArray());
@@ -170,6 +207,8 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
 						
 						
 					}
+					
+					
 				}
 			}
 		}