From a8360854489d060367cc17ef7933c867228a88e1 Mon Sep 17 00:00:00 2001
From: 0livd <0livd@users.noreply.github.com>
Date: Tue, 27 Jun 2017 00:16:32 +0200
Subject: Use a hashed password for ADMIN_PASSWORD (#236)

* Use a hashed password for ADMIN_PASSWORD

A generate_password_hash manage.py command is provided
Fixes #233

* Print a console warning for users using a clear text ADMIN_PASSWORD

* Reword ADMIN_PASSWORD doc

* Update changelog

* Update CHANGELOG.rst

- say it out loud
- bump to 2.0 (that's the logic of semantic versioning while introducing breaking changes)

* Bump to 2.0 (breaking change)

* Update hashed password warning message

* Mention the generate password hash in the Changelog
---
 budget/manage.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'budget/manage.py')

diff --git a/budget/manage.py b/budget/manage.py
index 94a21a2..f717fed 100755
--- a/budget/manage.py
+++ b/budget/manage.py
@@ -1,15 +1,26 @@
 #!/usr/bin/env python
 
-from flask_script import Manager
+from flask_script import Manager, Command
 from flask_migrate import Migrate, MigrateCommand
+from werkzeug.security import generate_password_hash
 
 from run import app
 from models import db
+from getpass import getpass
+
+
+class GeneratePasswordHash(Command):
+    "Get password from user and hash it without printing it in clear text"
+
+    def run(self):
+        password = getpass(prompt='Password: ')
+        print(generate_password_hash(password))
 
 migrate = Migrate(app, db)
 
 manager = Manager(app)
 manager.add_command('db', MigrateCommand)
+manager.add_command('generate_password_hash', GeneratePasswordHash)
 
 
 if __name__ == '__main__':
-- 
cgit v1.1