mirror of
https://github.com/wassname/flask-security.git
synced 2026-07-19 11:23:28 +08:00
Always encrypt password when creating a user
This commit is contained in:
@@ -15,7 +15,7 @@ from flask.ext.wtf import Form, TextField, PasswordField, SubmitField, \
|
||||
from werkzeug.local import LocalProxy
|
||||
|
||||
from .exceptions import UserNotFoundError
|
||||
|
||||
from .utils import encrypt_password
|
||||
|
||||
# Convenient reference
|
||||
_datastore = LocalProxy(lambda: app.extensions['security'].datastore)
|
||||
@@ -131,7 +131,7 @@ class RegisterForm(Form,
|
||||
|
||||
def to_dict(self):
|
||||
return dict(email=self.email.data,
|
||||
password=self.password.data)
|
||||
password=encrypt_password(self.password.data))
|
||||
|
||||
|
||||
class ResetPasswordForm(Form,
|
||||
|
||||
@@ -12,7 +12,7 @@ from flask import current_app
|
||||
from flask.ext.script import Command, Option, prompt_bool
|
||||
from werkzeug.local import LocalProxy
|
||||
|
||||
from flask_security import views
|
||||
from flask_security import views, utils
|
||||
|
||||
|
||||
_datastore = LocalProxy(lambda: current_app.extensions['security'].datastore)
|
||||
@@ -40,6 +40,7 @@ class CreateUserCommand(Command):
|
||||
# sanitize role input a bit
|
||||
ri = re.sub(r'\s', '', kwargs['roles'])
|
||||
kwargs['roles'] = [] if ri == '' else ri.split(',')
|
||||
kwargs['password'] = utils.encrypt_password(kwargs['password'])
|
||||
|
||||
_datastore.create_user(**kwargs)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user