diff options
| author | 0livd <0livd@users.noreply.github.com> | 2017-06-27 00:16:32 +0200 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-06-27 00:16:32 +0200 |
| commit | a8360854489d060367cc17ef7933c867228a88e1 (patch) | |
| tree | a2b8973f131e2db12497fd937c63664dce73ed09 /budget/manage.py | |
| parent | db296489568259a38bc614a1fcc4b504a2ffc983 (diff) | |
| download | ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.zip ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.tar.gz ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.tar.bz2 | |
Use a hashed password for ADMIN_PASSWORD (#236)
* Use a hashed password for ADMIN_PASSWORD
A generate_password_hash manage.py command is provided
Fixes #233
* Print a console warning for users using a clear text ADMIN_PASSWORD
* Reword ADMIN_PASSWORD doc
* Update changelog
* Update CHANGELOG.rst
- say it out loud
- bump to 2.0 (that's the logic of semantic versioning while introducing breaking changes)
* Bump to 2.0 (breaking change)
* Update hashed password warning message
* Mention the generate password hash in the Changelog
Diffstat (limited to 'budget/manage.py')
| -rwxr-xr-x | budget/manage.py | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/budget/manage.py b/budget/manage.py index 94a21a2..f717fed 100755 --- a/budget/manage.py +++ b/budget/manage.py @@ -1,15 +1,26 @@ #!/usr/bin/env python -from flask_script import Manager +from flask_script import Manager, Command from flask_migrate import Migrate, MigrateCommand +from werkzeug.security import generate_password_hash from run import app from models import db +from getpass import getpass + + +class GeneratePasswordHash(Command): + "Get password from user and hash it without printing it in clear text" + + def run(self): + password = getpass(prompt='Password: ') + print(generate_password_hash(password)) migrate = Migrate(app, db) manager = Manager(app) manager.add_command('db', MigrateCommand) +manager.add_command('generate_password_hash', GeneratePasswordHash) if __name__ == '__main__': |