Commit 4770ee5d3697fd9df8b0586eaaf65937de8feec8

Authored by hitier
1 parent e8879e9f

Now passwords are encrypted

From a fix by Olivier Thauvin <olivier.thauvin@latmos.ipsl.fr>
Showing 2 changed files with 16 additions and 4 deletions
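--- a/app/auth/models.py
+++ b/app/auth/models.py
@@ -1,6 +1,7 @@
 from pprint import pprint
 
-from flask_login import UserMixin, current_user
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
 from app.models import db
 
 #
@@ -47,8 +48,8 @@ class User(UserMixin, db.Model):
 email = db.Column(db.String(100), unique=True)
 name = db.Column(db.String(100))
 login = db.Column(db.String(100), unique=True)
- password = db.Column(db.String(100))
 role = db.Column(db.Integer, default=0)
+ password_hash = db.Column(db.String(128))
 
 def __repr__(self):
 return "i: {}, n: {}, e: {}, l: {}".format(self.id, self.name, self.email, self.login)
@@ -68,3 +69,9 @@ class User(UserMixin, db.Model):
 def has_role_or_higher(self, role):
 role = _checkRole(role)
 return self.role and (self.role >= role)
+
+ def set_password(self, password):
+ self.password_hash = generate_password_hash(password)
+
+ def check_password(self, password):
+ return check_password_hash(self.password_hash, password)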
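Review bot: `check_password` passes `self.password_hash` straight to `check_password_hash`, so a row where the column is still NULL (an account that existed before this commit, or one where `set_password` was never called) will most likely raise instead of failing the login; a guard such as `if not self.password_hash: return False` at the top of the method turns that case into a clean rejection. The new column is `db.String(128)`, which fits Werkzeug's PBKDF2 strings but not the longer scrypt-format strings that newer Werkzeug releases produce by default, so a wider column (for example `db.String(256)`) avoids truncation or insert errors on databases that enforce the length. The hunk also drops the plaintext `password` column from the model with no migration visible here; it is worth confirming that existing accounts are re-hashed or reset and that the old column is actually removed from the database, not only from the model.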
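--- a/tests/backend_tests.py
+++ b/tests/backend_tests.py
@@ -5,8 +5,6 @@ from app import create_app, db_mgr, db
 from app.auth.models import User
 
 
-
-
 class BaseTestCase(unittest.TestCase):
 def setUp(self):
 # configure data base
@@ -83,3 +81,10 @@ class AuthModelTestCase(BaseTestCase):
 admin = self.get_admin()
 with self.assertRaises(ValueError) as ve:
 admin.set_role("NOSUCHROLE")
+
+ def test_setcheckpassword(self):
+ admin = self.get_admin()
+ admin.set_password("hahaha")
+ db.session.commit()
+ admin2 = self.get_admin()
+ self.assertTrue(admin2.check_password("hahaha"))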
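Review bot: `test_setcheckpassword` asserts only the accepting path, so it would still pass if `check_password` returned True for every input or if the password were stored unhashed. Adding `self.assertFalse(admin2.check_password("wrong"))` and `self.assertNotEqual(admin2.password_hash, "hahaha")` after the existing assertion covers the rejection path and the stored format. Whether `get_admin()` re-reads the row from the database is not visible in this hunk; if it returns the object already held in the session, the test does not exercise persistence of the hash.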