diff options
| author | 0livd <0livd@users.noreply.github.com> | 2017-06-27 00:16:32 +0200 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-06-27 00:16:32 +0200 |
| commit | a8360854489d060367cc17ef7933c867228a88e1 (patch) | |
| tree | a2b8973f131e2db12497fd937c63664dce73ed09 /budget/tests | |
| parent | db296489568259a38bc614a1fcc4b504a2ffc983 (diff) | |
| download | ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.zip ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.tar.gz ihatemoney-mirror-a8360854489d060367cc17ef7933c867228a88e1.tar.bz2 | |
Use a hashed password for ADMIN_PASSWORD (#236)
* Use a hashed password for ADMIN_PASSWORD
A generate_password_hash manage.py command is provided
Fixes #233
* Print a console warning for users using a clear text ADMIN_PASSWORD
* Reword ADMIN_PASSWORD doc
* Update changelog
* Update CHANGELOG.rst
- say it out loud
- bump to 2.0 (that's the logic of semantic versioning while introducing breaking changes)
* Bump to 2.0 (breaking change)
* Update hashed password warning message
* Mention the generate password hash in the Changelog
Diffstat (limited to 'budget/tests')
| -rw-r--r-- | budget/tests/tests.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/budget/tests/tests.py b/budget/tests/tests.py index a1cedfa..16aaae9 100644 --- a/budget/tests/tests.py +++ b/budget/tests/tests.py @@ -10,6 +10,7 @@ import json from collections import defaultdict import six +from werkzeug.security import generate_password_hash from flask import session # Unset configuration file env var if previously set @@ -376,7 +377,7 @@ class BudgetTestCase(TestCase): self.assertNotIn('raclette', session) def test_admin_authentication(self): - run.app.config['ADMIN_PASSWORD'] = "pass" + run.app.config['ADMIN_PASSWORD'] = generate_password_hash("pass") # test the redirection to the authentication page when trying to access admin endpoints resp = self.app.get("/create") |