From 4d2d4a59e4711c12bb756c2f7f446f3c63302a2f Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Mon, 4 Feb 2019 11:46:31 +0100
Subject: fix: edition of user's password was broken

---
 src/web/controllers/user.py | 2 +-
 src/web/views/admin.py      | 5 ++---
 src/web/views/user.py       | 3 +--
 3 files changed, 4 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/web/controllers/user.py b/src/web/controllers/user.py
index 1b5c123e..65e01e6f 100644
--- a/src/web/controllers/user.py
+++ b/src/web/controllers/user.py
@@ -12,7 +12,7 @@ class UserController(AbstractController):
 
     def _handle_password(self, attrs):
         if attrs.get('password'):
-            attrs['password'] = generate_password_hash(attrs.pop('password'))
+            attrs['pwdhash'] = generate_password_hash(attrs.pop('password'))
         elif 'password' in attrs:
             del attrs['password']
 
diff --git a/src/web/views/admin.py b/src/web/views/admin.py
index 2e97ff36..73b2b668 100644
--- a/src/web/views/admin.py
+++ b/src/web/views/admin.py
@@ -2,7 +2,6 @@ from datetime import datetime
 from flask import (Blueprint, render_template, redirect, flash, url_for)
 from flask_babel import gettext, format_timedelta
 from flask_login import login_required, current_user
-from werkzeug import generate_password_hash
 
 from lib.utils import redirect_url
 from web.views.common import admin_permission
@@ -61,7 +60,7 @@ def process_user_form(user_id=None):
         # Edit a user
         user_contr.update({'id': user_id},
                           {'nickname': form.nickname.data,
-                           'pwdhash': generate_password_hash(form.password.data),
+                           'password': form.password.data,
                            'automatic_crawling': form.automatic_crawling.data})
         user = user_contr.get(id=user_id)
         flash(gettext('User %(nick)s successfully updated',
@@ -69,7 +68,7 @@ def process_user_form(user_id=None):
     else:
         # Create a new user (by the admin)
         user = user_contr.create(nickname=form.nickname.data,
-                            pwdhash=generate_password_hash(form.password.data),
+                            password=form.password.data,
                             automatic_crawling=form.automatic_crawling.data,
                             is_admin=False,
                             is_active=True)
diff --git a/src/web/views/user.py b/src/web/views/user.py
index 7b3c1684..24b73a60 100644
--- a/src/web/views/user.py
+++ b/src/web/views/user.py
@@ -6,7 +6,6 @@ from flask import (Blueprint, g, render_template, redirect,
 from flask_babel import gettext
 from flask_login import login_required, current_user
 from flask_paginate import Pagination, get_page_args
-from werkzeug import generate_password_hash
 
 import conf
 from notifications import notifications
@@ -153,7 +152,7 @@ def profile():
             try:
                 user_contr.update({'id': current_user.id},
                         {'nickname': form.nickname.data,
-                        'pwdhash': generate_password_hash(form.password.data),
+                        'password': form.password.data,
                         'automatic_crawling': form.automatic_crawling.data,
                         'is_public_profile': form.is_public_profile.data,
                         'bio': form.bio.data,
-- 
cgit