Now passwords are encrypted

From a fix by Olivier Thauvin <olivier.thauvin@latmos.ipsl.fr>

Now passwords are encrypted
From a fix by Olivier Thauvin <olivier.thauvin@latmos.ipsl.fr>
hitier
1 parent e8879e9f
Showing 2 changed files with 16 additions and 4 deletions Show diff stats
app/auth/models.py
tests/backend_tests.py
 from pprint import pprint
  
-from flask_login import UserMixin, current_user
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
 from app.models import db
  
 #
@@ -47,8 +48,8 @@ class User(UserMixin, db.Model):
     email = db.Column(db.String(100), unique=True)
     name = db.Column(db.String(100))
     login = db.Column(db.String(100), unique=True)
-    password = db.Column(db.String(100))
     role = db.Column(db.Integer, default=0)
+    password_hash = db.Column(db.String(128))
  
     def __repr__(self):
         return "i: {}, n: {}, e: {}, l: {}".format(self.id, self.name, self.email, self.login)
@@ -68,3 +69,9 @@ class User(UserMixin, db.Model):
     def has_role_or_higher(self, role):
         role = _checkRole(role)
         return self.role and (self.role >= role)
+
+    def set_password(self, password):
+        self.password_hash = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password_hash, password)
@@ -5,8 +5,6 @@ from app import create_app, db_mgr, db
 from app.auth.models import User
  
  
-
-
 class BaseTestCase(unittest.TestCase):
     def setUp(self):
         # configure data base
@@ -83,3 +81,10 @@ class AuthModelTestCase(BaseTestCase):
         admin = self.get_admin()
         with self.assertRaises(ValueError) as ve:
             admin.set_role("NOSUCHROLE")
+
+    def test_setcheckpassword(self):
+        admin = self.get_admin()
+        admin.set_password("hahaha")
+        db.session.commit()
+        admin2 = self.get_admin()
+        self.assertTrue(admin2.check_password("hahaha"))