Add a form for changing the password and prompt the user to do so when there is no password on the account.

data/model.py

@@ -4,8 +4,7 @@ import dateutil.parser
 import operator
 
 from database import *
-from util.validation import (validate_email, validate_username,
-                             validate_password)
+from util.validation import *
 
 
 logger = logging.getLogger(__name__)
@@ -35,9 +34,7 @@ def create_user(username, password, email):
 
   # We allow password none for the federated login case.
   if password is not None and not validate_password(password):
-    raise InvalidPasswordException('Invalid password, password must be at ' + 
-                                   'least 8 characters and contain no ' + 
-                                   'whitespace.')
+    raise InvalidPasswordException(INVALID_PASSWORD_MESSAGE)
 
   try:
     existing = User.get((User.username == username) | (User.email == email))
@@ -210,6 +207,9 @@ def get_matching_repositories(repo_term, username=None):
 
 
 def change_password(user, new_password):
+  if not validate_password(new_password):
+    raise InvalidPasswordException(INVALID_PASSWORD_MESSAGE)
+
   pw_hash = bcrypt.hashpw(new_password, bcrypt.gensalt())
   user.password_hash = pw_hash
   user.save()