Bug Fix - The password storage is now Bcrypt.hashed

Previously was plain text storage
kaust-merge · Jun 7, 2020 · 207177b · 207177b
1 parent c19bb52
commit 207177b
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change Log
 
+## [Unreleased] 2020-06-07
+### Bug Fix
+- The password storage is now Bcrypt.hashed
+
 ## [1.0.2] 2020-06-02
 ### Improvements
 - Added deploy scripts: Docker, Gunicorn

diff --git a/app/views.py b/app/views.py
@@ -61,7 +61,7 @@ def register():
 
         else:         
 
-            pw_hash = password #bc.generate_password_hash(password)
+            pw_hash = bc.generate_password_hash(password)
 
             user = User(username, email, pw_hash)
 
@@ -97,8 +97,7 @@ def login():
 
         if user:
 
-            #if bc.check_password_hash(user.password, password):
-            if user.password == password:
+            if bc.check_password_hash(user.password, password):
                 login_user(user)
                 return redirect(url_for('index'))
             else: