From 9a9d101015112ba992e30b357020748c6969217a Mon Sep 17 00:00:00 2001
From: luukas <lukasdoesdev@gmail.com>
Date: Wed, 25 May 2022 00:32:31 +0300
Subject: [PATCH] Add pasword hashing to API user modification

---
 app/classes/web/routes/api/users/user/index.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/classes/web/routes/api/users/user/index.py b/app/classes/web/routes/api/users/user/index.py
index d2a13161..2772df02 100644
--- a/app/classes/web/routes/api/users/user/index.py
+++ b/app/classes/web/routes/api/users/user/index.py
@@ -280,7 +280,10 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
         if len(data) != 0:
             for key in data:
                 # If we don't validate the input there could be security issues
-                setattr(user_obj, key, data[key])
+                value = data[key]
+                if key == "password":
+                    value = self.helper.encode_pass(value)
+                setattr(user_obj, key, value)
             user_obj.save()
 
         self.controller.management.add_to_audit_log(