16 files changed, 168 insertions, 0 deletions
diff --git a/locales/ar.json b/locales/ar.json
index adb8c649..695a3a61 100644
--- a/locales/ar.json
+++ b/locales/ar.json
@@ -13,6 +13,9 @@
     "Next page": "الصفحة الثانية",
     "Previous page": "الصفحة السابقة",
     "Clear watch history?": "مسح السجل ؟",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "نعم",
@@ -82,6 +85,7 @@
     "Data preferences": "إعدادات التفضيلات",
     "Clear watch history": "حذف سجل المشاهدة",
     "Import/export data": "إضافة\\إستخراج البيانات",
+    "Change password": "",
     "Manage subscriptions": "إدارة المشتركين",
     "Manage tokens": "",
     "Watch history": "سجل المشاهدة",
diff --git a/locales/de.json b/locales/de.json
index cffe8b95..a2a09e68 100644
--- a/locales/de.json
+++ b/locales/de.json
@@ -13,6 +13,9 @@
     "Next page": "Nächste Seite",
     "Previous page": "Vorherige Seite",
     "Clear watch history?": "Verlauf löschen?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Ja",
@@ -82,6 +85,7 @@
     "Data preferences": "Dateneinstellungen",
     "Clear watch history": "Verlauf löschen",
     "Import/export data": "Daten im- exportieren",
+    "Change password": "",
     "Manage subscriptions": "Abonnements verwalten",
     "Manage tokens": "",
     "Watch history": "Verlauf",
diff --git a/locales/en-US.json b/locales/en-US.json
index 9cfce711..8dbc7e61 100644
--- a/locales/en-US.json
+++ b/locales/en-US.json
@@ -13,6 +13,9 @@
     "Next page": "Next page",
     "Previous page": "Previous page",
     "Clear watch history?": "Clear watch history?",
+    "New password": "New password",
+    "New passwords must match": "New passwords must match",
+    "Cannot change password for Google accounts": "Cannot change password for Google accounts",
     "Authorize token?": "Authorize token?",
     "Authorize token for `x`?": "Authorize token for `x`?",
     "Yes": "Yes",
@@ -82,6 +85,7 @@
     "Data preferences": "Data preferences",
     "Clear watch history": "Clear watch history",
     "Import/export data": "Import/export data",
+    "Change password": "Change password",
     "Manage subscriptions": "Manage subscriptions",
     "Manage tokens": "Manage tokens",
     "Watch history": "Watch history",
diff --git a/locales/eo.json b/locales/eo.json
index 317dc3ba..f8ae6912 100644
--- a/locales/eo.json
+++ b/locales/eo.json
@@ -13,6 +13,9 @@
     "Next page": "Sekva paĝo",
     "Previous page": "Antaŭa paĝo",
     "Clear watch history?": "Ĉu forigi vidohistorion?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Jes",
@@ -82,6 +85,7 @@
     "Data preferences": "Datumagordoj",
     "Clear watch history": "Forigi vidohistorion",
     "Import/export data": "Importi/Eksporti datumojn",
+    "Change password": "",
     "Manage subscriptions": "Administri abonojn",
     "Manage tokens": "",
     "Watch history": "Vidohistorio",
diff --git a/locales/es.json b/locales/es.json
index 4c6f4f39..15191506 100644
--- a/locales/es.json
+++ b/locales/es.json
@@ -13,6 +13,9 @@
     "Next page": "Página siguiente",
     "Previous page": "Página anterior",
     "Clear watch history?": "¿Quiere borrar el historial de reproducción?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Sí",
@@ -82,6 +85,7 @@
     "Data preferences": "Preferencias de los datos",
     "Clear watch history": "Borrar el historial de reproducción",
     "Import/export data": "Importar/Exportar datos",
+    "Change password": "",
     "Manage subscriptions": "Gestionar las suscripciones",
     "Manage tokens": "",
     "Watch history": "Historial de reproducción",
diff --git a/locales/eu.json b/locales/eu.json
index 9abeb684..a17f8ec8 100644
--- a/locales/eu.json
+++ b/locales/eu.json
@@ -13,6 +13,9 @@
     "Next page": "Hurrengo orria",
     "Previous page": "Aurreko orria",
     "Clear watch history?": "Garbitu ikusitakoen historia?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Bai",
@@ -82,6 +85,7 @@
     "Data preferences": "",
     "Clear watch history": "",
     "Import/export data": "",
+    "Change password": "",
     "Manage subscriptions": "",
     "Manage tokens": "",
     "Watch history": "",
diff --git a/locales/fr.json b/locales/fr.json
index e94c0d1c..9e15d310 100644
--- a/locales/fr.json
+++ b/locales/fr.json
@@ -13,6 +13,9 @@
     "Next page": "Page suivante",
     "Previous page": "Page précédente",
     "Clear watch history?": "Êtes-vous sûr de vouloir supprimer l'historique des vidéos regardées ?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Oui",
@@ -82,6 +85,7 @@
     "Data preferences": "Préférences liées aux données",
     "Clear watch history": "Supprimer l'historique des vidéos regardées",
     "Import/export data": "Importer/exporter les données",
+    "Change password": "",
     "Manage subscriptions": "Gérer les abonnements",
     "Manage tokens": "",
     "Watch history": "Historique de visionnage",
diff --git a/locales/it.json b/locales/it.json
index 05700de8..3c938ffb 100644
--- a/locales/it.json
+++ b/locales/it.json
@@ -13,6 +13,9 @@
     "Next page": "Pagina successiva",
     "Previous page": "Pagina precedente",
     "Clear watch history?": "Sei sicuro di voler cancellare la cronologia dei video guardati?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Si",
@@ -82,6 +85,7 @@
     "Data preferences": "Preferenze dati",
     "Clear watch history": "Cancella la cronologia dei video guardati",
     "Import/export data": "Importazione/esportazione dati",
+    "Change password": "",
     "Manage subscriptions": "Gestisci le iscrizioni",
     "Manage tokens": "",
     "Watch history": "Cronologia dei video",
diff --git a/locales/nb_NO.json b/locales/nb_NO.json
index 382a951b..5adeeeeb 100644
--- a/locales/nb_NO.json
+++ b/locales/nb_NO.json
@@ -13,6 +13,9 @@
     "Next page": "Neste side",
     "Previous page": "Forrige side",
     "Clear watch history?": "Tøm visningshistorikk?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Ja",
@@ -82,6 +85,7 @@
     "Data preferences": "Datainnstillinger",
     "Clear watch history": "Tøm visningshistorikk",
     "Import/export data": "Importer/eksporter data",
+    "Change password": "",
     "Manage subscriptions": "Behandle abonnementer",
     "Manage tokens": "",
     "Watch history": "Visningshistorikk",
diff --git a/locales/nl.json b/locales/nl.json
index 9d9dac9e..29e38e1c 100644
--- a/locales/nl.json
+++ b/locales/nl.json
@@ -13,6 +13,9 @@
     "Next page": "Volgende pagina",
     "Previous page": "Vorige pagina",
     "Clear watch history?": "Kijk geschiedenis wissen?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Ja",
@@ -82,6 +85,7 @@
     "Data preferences": "Gegevens voorkeuren",
     "Clear watch history": "Kijkgeschiedenis wissen",
     "Import/export data": "Importeer/Exporteer gegevens",
+    "Change password": "",
     "Manage subscriptions": "Abonnees beheren",
     "Manage tokens": "",
     "Watch history": "Kijkgeschiedenis",
diff --git a/locales/pl.json b/locales/pl.json
index d970f8c9..745f8a79 100644
--- a/locales/pl.json
+++ b/locales/pl.json
@@ -13,6 +13,9 @@
     "Next page": "Następna strona",
     "Previous page": "Poprzednia strona",
     "Clear watch history?": "Wyczyścić historię?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Tak",
@@ -82,6 +85,7 @@
     "Data preferences": "Preferencje danych",
     "Clear watch history": "Wyczyść historię",
     "Import/export data": "Import/Eksport danych",
+    "Change password": "",
     "Manage subscriptions": "Organizuj subskrybcje",
     "Manage tokens": "",
     "Watch history": "Historia",
diff --git a/locales/ru.json b/locales/ru.json
index 49a94436..79536302 100644
--- a/locales/ru.json
+++ b/locales/ru.json
@@ -13,6 +13,9 @@
     "Next page": "Следующая страница",
     "Previous page": "Предыдущая страница",
     "Clear watch history?": "Очистить историю просмотров?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Да",
@@ -82,6 +85,7 @@
     "Data preferences": "Настройки данных",
     "Clear watch history": "Очистить историю просмотра",
     "Import/export data": "Импорт/Экспорт данных",
+    "Change password": "",
     "Manage subscriptions": "Управление подписками",
     "Manage tokens": "",
     "Watch history": "История просмотров",
diff --git a/locales/uk.json b/locales/uk.json
index 023db237..02fa563f 100644
--- a/locales/uk.json
+++ b/locales/uk.json
@@ -13,6 +13,9 @@
     "Next page": "Наступна сторінка",
     "Previous page": "Попередня сторінка",
     "Clear watch history?": "Очистити історію переглядів?",
+    "New password": "",
+    "New passwords must match": "",
+    "Cannot change password for Google accounts": "",
     "Authorize token?": "",
     "Authorize token for `x`?": "",
     "Yes": "Так",
@@ -82,6 +85,7 @@
     "Data preferences": "Налаштування даних",
     "Clear watch history": "Очистити історію переглядів",
     "Import/export data": "Імпорт і експорт даних",
+    "Change password": "",
     "Manage subscriptions": "Керування підписками",
     "Manage tokens": "",
     "Watch history": "Історія переглядів",
diff --git a/src/invidious.cr b/src/invidious.cr
index fb8ebbe4..3780a2f0 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -1875,6 +1875,86 @@ post "/data_control" do |env|
   env.redirect referer
 end
 
+get "/change_password" do |env|
+  locale = LOCALES[env.get("preferences").as(Preferences).locale]?
+
+  user = env.get? "user"
+  sid = env.get? "sid"
+  referer = get_referer(env)
+
+  if user
+    user = user.as(User)
+    sid = sid.as(String)
+    csrf_token = generate_response(sid, {":change_password"}, HMAC_KEY, PG_DB)
+
+    templated "change_password"
+  else
+    env.redirect referer
+  end
+end
+
+post "/change_password" do |env|
+  locale = LOCALES[env.get("preferences").as(Preferences).locale]?
+
+  user = env.get? "user"
+  sid = env.get? "sid"
+  referer = get_referer(env)
+
+  if user
+    user = user.as(User)
+    sid = sid.as(String)
+    token = env.params.body["csrf_token"]?
+
+    # We don't store passwords for Google accounts
+    if !user.password
+      error_message = "Cannot change password for Google accounts"
+      next templated "error"
+    end
+
+    begin
+      validate_request(token, sid, env.request, HMAC_KEY, PG_DB, locale)
+    rescue ex
+      error_message = ex.message
+      env.response.status_code = 400
+      next templated "error"
+    end
+
+    password = env.params.body["password"]?
+    if !password
+      error_message = translate(locale, "Password is a required field")
+      next templated "error"
+    end
+
+    new_passwords = env.params.body.select { |k, v| k.match(/^new_password\[\d+\]$/) }.map { |k, v| v }
+
+    if new_passwords.size <= 1 || new_passwords.uniq.size != 1
+      error_message = translate(locale, "New passwords must match")
+      next templated "error"
+    end
+
+    new_password = new_passwords.uniq[0]
+    if new_password.empty?
+      error_message = translate(locale, "Password cannot be empty")
+      next templated "error"
+    end
+
+    if new_password.size > 55
+      error_message = translate(locale, "Password cannot be longer than 55 characters")
+      next templated "error"
+    end
+
+    if Crypto::Bcrypt::Password.new(user.password.not_nil!) != password
+      error_message = translate(locale, "Incorrect password")
+      next templated "error"
+    end
+
+    new_password = Crypto::Bcrypt::Password.create(new_password, cost: 10)
+    PG_DB.exec("UPDATE users SET password = $1 WHERE email = $2", new_password.to_s, user.email)
+  end
+
+  env.redirect referer
+end
+
 get "/delete_account" do |env|
   locale = LOCALES[env.get("preferences").as(Preferences).locale]?
 
diff --git a/src/invidious/views/change_password.ecr b/src/invidious/views/change_password.ecr
new file mode 100644
index 00000000..2e68556b
--- /dev/null
+++ b/src/invidious/views/change_password.ecr
@@ -0,0 +1,32 @@
+<% content_for "header" do %>
+<title><%= translate(locale, "Change password") %> - Invidious</title>
+<% end %>
+
+<div class="pure-g">
+    <div class="pure-u-1 pure-u-lg-1-5"></div>
+    <div class="pure-u-1 pure-u-lg-3-5">
+        <div class="h-box">
+            <form class="pure-form pure-form-aligned" action="/change_password?referer=<%= URI.escape(referer) %>" method="post">
+                <legend><%= translate(locale, "Change password") %></legend>
+
+                <fieldset>
+                    <label for="password"><%= translate(locale, "Password") %> :</label>
+                    <input required class="pure-input-1" name="password" type="password" placeholder="<%= translate(locale, "Password") %>">
+
+                    <label for="new_password[0]"><%= translate(locale, "New password") %> :</label>
+                    <input required class="pure-input-1" name="new_password[0]" type="password" placeholder="<%= translate(locale, "New password") %>">
+
+                    <label for="new_password[1]"><%= translate(locale, "New password") %> :</label>
+                    <input required class="pure-input-1" name="new_password[1]" type="password" placeholder="<%= translate(locale, "New password") %>">
+
+                    <button type="submit" name="action" value="change_password" class="pure-button pure-button-primary">
+                        <%= translate(locale, "Change password") %>
+                    </button>
+
+                    <input type="hidden" name="csrf_token" value="<%= URI.escape(csrf_token) %>">
+                </fieldset>
+            </form>
+        </div>
+    </div>
+    <div class="pure-u-1 pure-u-lg-1-5"></div>
+</div>
diff --git a/src/invidious/views/preferences.ecr b/src/invidious/views/preferences.ecr
index 1af53488..5d2c35b1 100644
--- a/src/invidious/views/preferences.ecr
+++ b/src/invidious/views/preferences.ecr
@@ -214,6 +214,10 @@ function update_value(element) {
             </div>
 
             <div class="pure-control-group">
+                <a href="/change_password?referer=<%= URI.escape(referer) %>"><%= translate(locale, "Change password") %></a>
+            </div>
+
+            <div class="pure-control-group">
                 <a href="/data_control?referer=<%= URI.escape(referer) %>"><%= translate(locale, "Import/export data") %></a>
             </div>