From 4770ee5d3697fd9df8b0586eaaf65937de8feec8 Mon Sep 17 00:00:00 2001
From: Richard Hitier
Date: Thu, 15 Apr 2021 15:43:01 +0200
Subject: [PATCH] Now passwords are encrypted
---
 app/auth/models.py | 11 +++++++++--
 tests/backend_tests.py | 9 +++++++--
 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/app/auth/models.py b/app/auth/models.py
index ec19d16..27763ed 100644
--- a/app/auth/models.py
+++ b/app/auth/models.py
@@ -1,6 +1,7 @@
 from pprint import pprint
-from flask_login import UserMixin, current_user
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
 from app.models import db
 #
@@ -47,8 +48,8 @@ class User(UserMixin, db.Model):
 email = db.Column(db.String(100), unique=True)
 name = db.Column(db.String(100))
 login = db.Column(db.String(100), unique=True)
- password = db.Column(db.String(100))
 role = db.Column(db.Integer, default=0)
+ password_hash = db.Column(db.String(128))
 def __repr__(self):
 return "i: {}, n: {}, e: {}, l: {}".format(self.id, self.name, self.email, self.login)
@@ -68,3 +69,9 @@ class User(UserMixin, db.Model):
 def has_role_or_higher(self, role):
 role = _checkRole(role)
 return self.role and (self.role >= role)
+
+ def set_password(self, password):
+ self.password_hash = generate_password_hash(password)
+
+ def check_password(self, password):
+ return check_password_hash(self.password_hash, password)
diff --git a/tests/backend_tests.py b/tests/backend_tests.py
index 8e8ae0b..78f73ad 100644
--- a/tests/backend_tests.py
+++ b/tests/backend_tests.py
@@ -5,8 +5,6 @@ from app import create_app, db_mgr, db
 from app.auth.models import User
-
-
 class BaseTestCase(unittest.TestCase):
 def setUp(self):
 # configure data base
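Review bot: `db.String(128)` on the new `password_hash` column in the `@@ -47,8 +48,8 @@` hunk is too narrow for some Werkzeug hash formats. Newer Werkzeug releases default `generate_password_hash` to scrypt, whose encoded output is longer than 128 characters, so a backend that enforces column length would reject or truncate the value and every later `check_password` would fail. Declaring it as `password_hash = db.Column(db.String(256))` leaves room for the method prefix, salt and digest. The hunk also drops the `password` column with no schema or data migration visible in this patch, so existing rows presumably keep their plaintext values in the database until that column is dropped and the accounts are re-enrolled through `set_password`.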
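Review bot: `check_password` in the `@@ -68,3 +69,9 @@` hunk passes `self.password_hash` straight to `check_password_hash`, so an account whose hash was never set (a row created before this column existed, or a user built without `set_password`) holds `None` there and the call will most likely raise instead of returning `False`. A guard as the first line of the method, `if not self.password_hash: return False`, turns that case into a clean authentication failure. Both new methods also lack docstrings; `"""Store a salted hash of password; the plaintext is never persisted."""` on `set_password` would record the intent. The `User` class body starts outside this hunk.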
@@ -83,3 +81,10 @@ class AuthModelTestCase(BaseTestCase):
 admin = self.get_admin()
 with self.assertRaises(ValueError) as ve:
 admin.set_role("NOSUCHROLE")
+
+ def test_setcheckpassword(self):
+ admin = self.get_admin()
+ admin.set_password("hahaha")
+ db.session.commit()
+ admin2 = self.get_admin()
+ self.assertTrue(admin2.check_password("hahaha"))
--
libgit2 0.21.2
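Review bot: `test_setcheckpassword` asserts only the accepting path, so it would still pass if `check_password` returned `True` for every input or if the plaintext were stored unchanged. Adding `self.assertFalse(admin2.check_password("wrong"))` and `self.assertNotEqual(admin2.password_hash, "hahaha")` pins both properties. Depending on how `get_admin` queries (not visible in this hunk), `admin2` may be the same session-cached object as `admin`, in which case the round trip through the database is not actually exercised.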