diff --git a/app/models.py b/app/models.py
index a7f9872..17e52c0 100644
--- a/app/models.py
+++ b/app/models.py
@@ -133,7 +133,9 @@ class User(db.Model):
 def check_password(self, hashed_password):
 # Check hased password. Useing bcrypt, the salt is saved into the hash itself
- return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
+ if (self.plain_text_password):
+ return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
+ return False
 def get_user_info_by_id(self):
 user_info = User.query.get(int(self.id))
diff --git a/app/views.py b/app/views.py
index e624c16..09071f1 100644
--- a/app/views.py
+++ b/app/views.py
@@ -223,7 +223,7 @@ def saml_authorized():
 if not user:
 # create user
 user = User(username=session['samlNameId'],
- plain_text_password=gen_salt(30),
+ plain_text_password = None,
 email=session['samlNameId'])
 user.create_local_user()
 session['user_id'] = user.id
@@ -233,7 +233,7 @@ def saml_authorized():
 user.firstname = session['samlUserdata']["givenname"][0]
 if session['samlUserdata'].has_key("surname"):
 user.lastname = session['samlUserdata']["surname"][0]
- user.plain_text_password = gen_salt(30)
+ user.plain_text_password = None
 user.update_profile()
 session['external_auth'] = True
 login_user(user, remember=False)
@@ -267,7 +267,7 @@ def login():
 user = User(username=email,
 firstname=first_name,
 lastname=surname,
- plain_text_password=gen_salt(7),
+ plain_text_password=None,
 email=email)
 user.create_local_user()
@@ -283,7 +283,7 @@ def login():
 if not user:
 # create user
 user = User(username=user_info['name'],
- plain_text_password=gen_salt(30),
+ plain_text_password=None,
 email=user_info['email'])
 user.create_local_user()
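Review bot: The new guard in `check_password` covers only a missing supplied password; a missing stored hash still reaches `hashed_password.encode('utf-8')`. The views.py hunks in this commit create externally authenticated users with `plain_text_password=None`, so the stored hash for those rows may be null or empty (this depends on `create_local_user`, which is outside the diff), and a local login attempt against such an account would then raise instead of being rejected. Suggest `if not self.plain_text_password or not hashed_password: return False` ahead of the `bcrypt.checkpw` call, and fixing the comment typos (`hased`, `Useing`) while these lines are being touched.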
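Review bot: `create_local_user()` is now called with `plain_text_password=None` here and in the two `User(...)` calls in `login()` (hunks at -267 and -283), and its body is not part of this diff. If it hashes the password unconditionally, `None` would either fail on `.encode` or end up stored as the hash of a fixed string; the intended result is presumably a null hash that `check_password` can never match, so that path should be confirmed to handle `None`. Minor style point: this hunk writes `plain_text_password = None,` with spaces around the keyword `=`, while the other hunks use `plain_text_password=None,`.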
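Review bot: `user.update_profile()` now runs with `user.plain_text_password = None`, and what it does with the password column in that case is outside the hunk. If it skips the column, any hash already stored for this account, including the random one written by earlier SAML logins, remains in place for local login; if it writes the column, it needs the same `None` handling as user creation. A short comment at the assignment would make the intent explicit, e.g. `# external auth only: no local password is set for SAML users`.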