mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2024-11-08 14:40:27 +00:00
Merge pull request #1247 from unilogicbv/models_user_plain_text_password_guard
models/user.py: properly guard plain_text_password property
This commit is contained in:
commit
2cd8f60f8d
@ -107,7 +107,7 @@ class User(db.Model):
|
||||
|
||||
def check_password(self, hashed_password):
|
||||
# Check hashed password. Using bcrypt, the salt is saved into the hash itself
|
||||
if (self.plain_text_password):
|
||||
if hasattr(self, "plain_text_password"):
|
||||
return bcrypt.checkpw(self.plain_text_password.encode('utf-8'),
|
||||
hashed_password.encode('utf-8'))
|
||||
return False
|
||||
@ -423,7 +423,7 @@ class User(db.Model):
|
||||
name='Administrator').first().id
|
||||
|
||||
self.password = self.get_hashed_password(
|
||||
self.plain_text_password) if self.plain_text_password else '*'
|
||||
self.plain_text_password) if hasattr(self, "plain_text_password") else '*'
|
||||
|
||||
if self.password and self.password != '*':
|
||||
self.password = self.password.decode("utf-8")
|
||||
@ -459,7 +459,7 @@ class User(db.Model):
|
||||
user.email = self.email
|
||||
|
||||
# store new password hash (only if changed)
|
||||
if self.plain_text_password:
|
||||
if hasattr(self, "plain_text_password"):
|
||||
user.password = self.get_hashed_password(
|
||||
self.plain_text_password).decode("utf-8")
|
||||
|
||||
@ -478,7 +478,7 @@ class User(db.Model):
|
||||
user.lastname = self.lastname if self.lastname else user.lastname
|
||||
user.password = self.get_hashed_password(
|
||||
self.plain_text_password).decode(
|
||||
"utf-8") if self.plain_text_password else user.password
|
||||
"utf-8") if hasattr(self, "plain_text_password") else user.password
|
||||
|
||||
if self.email:
|
||||
# Can not update to a new email that
|
||||
|
Loading…
Reference in New Issue
Block a user