Update routes and commands with new crypted methods

hitier
1 parent 615da07f
Showing 2 changed files with 8 additions and 3 deletions Show diff stats
app/auth/routes.py
app/commands/commands.py
@@ -52,7 +52,7 @@ def login_post():
     user_password = request.form.get('password')
     # user_remember = request.form.get('remember')
     user = User.query.filter_by(login=user_login).one_or_none()
-    if user and user.password == user_password:
+    if user and user.check_password(user_password):
         login_user(user)
         flash("Connection Réussie !", 'success')
         return redirect(url_for('main.index'))
@@ -199,7 +199,8 @@ def create_db():
     configure the proper database uri in the db_config.py file.
     """
     db.create_all()
-    admin = User(email='admin@nowhere.org', name='admin', login='admin', password='admin', role='admin')
+    admin = User(email='admin@nowhere.org', name='admin', login='admin', role='admin')
+    admin.set_password('admin')
     sqlite_uri = db.engine.url.__str__() if 'sqlite' in db.engine.url.__str__() else None
     try:
         db.session.add(admin)
@@ -221,10 +222,14 @@ def create_db():
 @click.argument('password')
 def user_add(email, name, login, password):
     """ Add a new user in db."""
+    user = User.query.filter(User.name==name).one_or_none()
+    if( user ):
+        current_app.logger.error(f"user already exists {name}")
+        return
     user = User(email=email, name=name, login=login, password=password)
     db.session.add(user)
     db.session.commit()
-    current_app.logger.info("added ", name)
+    current_app.logger.info(f"added {name}")
  
  
 @bp.cli.command('user_show_all')