From b61531dc193e4b27ad9684a8ea97d3368aaeb245 Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Mon, 4 Feb 2019 11:21:12 +0100
Subject: fix: Entity User has no property 'password', changed to 'pwdhash'.

---
 src/web/views/user.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/web/views/user.py b/src/web/views/user.py
index 24b73a60..7b3c1684 100644
--- a/src/web/views/user.py
+++ b/src/web/views/user.py
@@ -6,6 +6,7 @@ from flask import (Blueprint, g, render_template, redirect,
 from flask_babel import gettext
 from flask_login import login_required, current_user
 from flask_paginate import Pagination, get_page_args
+from werkzeug import generate_password_hash
 
 import conf
 from notifications import notifications
@@ -152,7 +153,7 @@ def profile():
             try:
                 user_contr.update({'id': current_user.id},
                         {'nickname': form.nickname.data,
-                        'password': form.password.data,
+                        'pwdhash': generate_password_hash(form.password.data),
                         'automatic_crawling': form.automatic_crawling.data,
                         'is_public_profile': form.is_public_profile.data,
                         'bio': form.bio.data,
-- 
cgit 


From 19684c2dbbef8180927286486cd52b5ccf944628 Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Mon, 4 Feb 2019 11:34:15 +0100
Subject: added a command to add new admin user via command line

---
 src/manager.py | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src')

diff --git a/src/manager.py b/src/manager.py
index c088ac29..795b3974 100755
--- a/src/manager.py
+++ b/src/manager.py
@@ -38,6 +38,14 @@ def db_create():
         db.create_all()
         UserController(ignore_context=True).create(**admin)
 
+@manager.command
+def create_admin(nickname, password):
+    "Will create an admin user."
+    admin = {'is_admin': True, 'is_api': True, 'is_active': True,
+             'nickname': nickname,
+             'pwdhash': generate_password_hash(password)}
+    with application.app_context():
+        UserController(ignore_context=True).create(**admin)
 
 @manager.command
 def fetch_asyncio(user_id=None, feed_id=None):
-- 
cgit 


From 4d2d4a59e4711c12bb756c2f7f446f3c63302a2f Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme <cedric@cedricbonhomme.org>
Date: Mon, 4 Feb 2019 11:46:31 +0100
Subject: fix: edition of user's password was broken

---
 src/web/controllers/user.py | 2 +-
 src/web/views/admin.py      | 5 ++---
 src/web/views/user.py       | 3 +--
 3 files changed, 4 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/web/controllers/user.py b/src/web/controllers/user.py
index 1b5c123e..65e01e6f 100644
--- a/src/web/controllers/user.py
+++ b/src/web/controllers/user.py
@@ -12,7 +12,7 @@ class UserController(AbstractController):
 
     def _handle_password(self, attrs):
         if attrs.get('password'):
-            attrs['password'] = generate_password_hash(attrs.pop('password'))
+            attrs['pwdhash'] = generate_password_hash(attrs.pop('password'))
         elif 'password' in attrs:
             del attrs['password']
 
diff --git a/src/web/views/admin.py b/src/web/views/admin.py
index 2e97ff36..73b2b668 100644
--- a/src/web/views/admin.py
+++ b/src/web/views/admin.py
@@ -2,7 +2,6 @@ from datetime import datetime
 from flask import (Blueprint, render_template, redirect, flash, url_for)
 from flask_babel import gettext, format_timedelta
 from flask_login import login_required, current_user
-from werkzeug import generate_password_hash
 
 from lib.utils import redirect_url
 from web.views.common import admin_permission
@@ -61,7 +60,7 @@ def process_user_form(user_id=None):
         # Edit a user
         user_contr.update({'id': user_id},
                           {'nickname': form.nickname.data,
-                           'pwdhash': generate_password_hash(form.password.data),
+                           'password': form.password.data,
                            'automatic_crawling': form.automatic_crawling.data})
         user = user_contr.get(id=user_id)
         flash(gettext('User %(nick)s successfully updated',
@@ -69,7 +68,7 @@ def process_user_form(user_id=None):
     else:
         # Create a new user (by the admin)
         user = user_contr.create(nickname=form.nickname.data,
-                            pwdhash=generate_password_hash(form.password.data),
+                            password=form.password.data,
                             automatic_crawling=form.automatic_crawling.data,
                             is_admin=False,
                             is_active=True)
diff --git a/src/web/views/user.py b/src/web/views/user.py
index 7b3c1684..24b73a60 100644
--- a/src/web/views/user.py
+++ b/src/web/views/user.py
@@ -6,7 +6,6 @@ from flask import (Blueprint, g, render_template, redirect,
 from flask_babel import gettext
 from flask_login import login_required, current_user
 from flask_paginate import Pagination, get_page_args
-from werkzeug import generate_password_hash
 
 import conf
 from notifications import notifications
@@ -153,7 +152,7 @@ def profile():
             try:
                 user_contr.update({'id': current_user.id},
                         {'nickname': form.nickname.data,
-                        'pwdhash': generate_password_hash(form.password.data),
+                        'password': form.password.data,
                         'automatic_crawling': form.automatic_crawling.data,
                         'is_public_profile': form.is_public_profile.data,
                         'bio': form.bio.data,
-- 
cgit