diff options
| author | 0livd <github@destras.fr> | 2017-12-21 13:57:01 +0100 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-12-21 13:57:01 +0100 |
| commit | c6f72e112ba3d797e71302d96504bbd54c83ca6b (patch) | |
| tree | 5fc8965c918e249caaedcb4f64c37fa36eb1c15e /ihatemoney/forms.py | |
| parent | 0dfb9c5f948b10857ce5b55b6317c7773dab87b0 (diff) | |
| download | ihatemoney-mirror-c6f72e112ba3d797e71302d96504bbd54c83ca6b.zip ihatemoney-mirror-c6f72e112ba3d797e71302d96504bbd54c83ca6b.tar.gz ihatemoney-mirror-c6f72e112ba3d797e71302d96504bbd54c83ca6b.tar.bz2 | |
Use hashed passwords for projects (#286)
- Remove all occurences of clear text project passwords.
- Migrate the database to hash the previously stored passwords.
Closes #232
Diffstat (limited to 'ihatemoney/forms.py')
| -rw-r--r-- | ihatemoney/forms.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/ihatemoney/forms.py b/ihatemoney/forms.py index c5e0b54..3966891 100644 --- a/ihatemoney/forms.py +++ b/ihatemoney/forms.py @@ -5,6 +5,7 @@ from wtforms.fields.simple import PasswordField, SubmitField, TextAreaField, Str from wtforms.validators import Email, Required, ValidationError, EqualTo from flask_babel import lazy_gettext as _ from flask import request +from werkzeug.security import generate_password_hash from datetime import datetime from jinja2 import Markup @@ -52,14 +53,14 @@ class EditProjectForm(FlaskForm): Returns the created instance """ project = Project(name=self.name.data, id=self.id.data, - password=self.password.data, + password=generate_password_hash(self.password.data), contact_email=self.contact_email.data) return project def update(self, project): """Update the project with the information from the form""" project.name = self.name.data - project.password = self.password.data + project.password = generate_password_hash(self.password.data) project.contact_email = self.contact_email.data return project |