From c6f72e112ba3d797e71302d96504bbd54c83ca6b Mon Sep 17 00:00:00 2001 From: 0livd Date: Thu, 21 Dec 2017 13:57:01 +0100 Subject: Use hashed passwords for projects (#286) - Remove all occurences of clear text project passwords. - Migrate the database to hash the previously stored passwords. Closes #232 --- .../b78f8a8bdb16_hash_project_passwords.py | 41 ++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 ihatemoney/migrations/versions/b78f8a8bdb16_hash_project_passwords.py (limited to 'ihatemoney/migrations/versions') diff --git a/ihatemoney/migrations/versions/b78f8a8bdb16_hash_project_passwords.py b/ihatemoney/migrations/versions/b78f8a8bdb16_hash_project_passwords.py new file mode 100644 index 0000000..e32983d --- /dev/null +++ b/ihatemoney/migrations/versions/b78f8a8bdb16_hash_project_passwords.py @@ -0,0 +1,41 @@ +"""hash project passwords + +Revision ID: b78f8a8bdb16 +Revises: f629c8ef4ab0 +Create Date: 2017-12-17 11:45:44.783238 + +""" + +# revision identifiers, used by Alembic. +revision = 'b78f8a8bdb16' +down_revision = 'f629c8ef4ab0' + +from alembic import op +import sqlalchemy as sa +from werkzeug.security import generate_password_hash + +project_helper = sa.Table( + 'project', sa.MetaData(), + sa.Column('id', sa.String(length=64), nullable=False), + sa.Column('name', sa.UnicodeText(), nullable=True), + sa.Column('password', sa.String(length=128), nullable=True), + sa.Column('contact_email', sa.String(length=128), nullable=True), + sa.PrimaryKeyConstraint('id') +) + + +def upgrade(): + connection = op.get_bind() + for project in connection.execute(project_helper.select()): + connection.execute( + project_helper.update().where( + project_helper.c.name == project.name + ).values( + password=generate_password_hash(project.password) + ) + ) + + +def downgrade(): + # Downgrade path is not possible, because information has been lost. + pass -- cgit v1.1