Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add pasword hashing to API user modification

Browse Source
This commit is contained in:
luukas 2022-05-25 00:32:31 +03:00
parent 54ff888002
commit 9a9d101015
No known key found for this signature in database
GPG Key ID: CC4915E8D71FC044
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/classes/web/routes/api/users/user/index.py
View File

@ -280,7 +280,10 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
if len(data) != 0: if len(data) != 0:
for key in data: for key in data:
# If we don't validate the input there could be security issues # If we don't validate the input there could be security issues
setattr(user_obj, key, data[key]) value = data[key]
if key == "password":
value = self.helper.encode_pass(value)
setattr(user_obj, key, value)
user_obj.save() user_obj.save()
self.controller.management.add_to_audit_log( self.controller.management.add_to_audit_log(