cwinfo/powerdns-admin
5
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2025-01-07 19:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

models/user.py: properly guard plain_text_password property

Browse Source 
Resolves the following issue, which occurs with force_otp enabled
and OAuth authentication sources:

File "/srv/powerdnsadmin/powerdnsadmin/models/user.py", line 481, in update_profile
  "utf-8") if self.plain_text_password else user.password
AttributeError: 'User' object has no attribute 'plain_text_password'
This commit is contained in:
Pascal de Bruijn 2022-09-06 15:31:43 +02:00 committed by Pascal de Bruijn
parent 204c996c81
commit 4fd1b10018
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
powerdnsadmin/models/user.py
View File

@ -107,7 +107,7 @@ class User(db.Model):
def check_password(self, hashed_password): def check_password(self, hashed_password):
# Check hashed password. Using bcrypt, the salt is saved into the hash itself # Check hashed password. Using bcrypt, the salt is saved into the hash itself
if (self.plain_text_password): if hasattr(self, "plain_text_password"):
return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), return bcrypt.checkpw(self.plain_text_password.encode('utf-8'),
hashed_password.encode('utf-8')) hashed_password.encode('utf-8'))
return False return False
@ -423,7 +423,7 @@ class User(db.Model):
name='Administrator').first().id name='Administrator').first().id
self.password = self.get_hashed_password( self.password = self.get_hashed_password(
self.plain_text_password) if self.plain_text_password else '*' self.plain_text_password) if hasattr(self, "plain_text_password") else '*'
if self.password and self.password != '*': if self.password and self.password != '*':
self.password = self.password.decode("utf-8") self.password = self.password.decode("utf-8")
@ -459,7 +459,7 @@ class User(db.Model):
user.email = self.email user.email = self.email
# store new password hash (only if changed) # store new password hash (only if changed)
if self.plain_text_password: if hasattr(self, "plain_text_password"):
user.password = self.get_hashed_password( user.password = self.get_hashed_password(
self.plain_text_password).decode("utf-8") self.plain_text_password).decode("utf-8")
@ -478,7 +478,7 @@ class User(db.Model):
user.lastname = self.lastname if self.lastname else user.lastname user.lastname = self.lastname if self.lastname else user.lastname
user.password = self.get_hashed_password( user.password = self.get_hashed_password(
self.plain_text_password).decode( self.plain_text_password).decode(
"utf-8") if self.plain_text_password else user.password "utf-8") if hasattr(self, "plain_text_password") else user.password
if self.email: if self.email:
# Can not update to a new email that # Can not update to a new email that