From 207177b09df758a714ba4cb8ecd502d05d302bad Mon Sep 17 00:00:00 2001
From: Adi Chirilov
Date: Sun, 7 Jun 2020 17:02:04 +0300
Subject: [PATCH] Bug Fix - The password storage is now Bcrypt.hashed Previously was plain text storage
---
 CHANGELOG.md | 4 ++++
 app/views.py | 5 ++---
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b21cab9..a7e76d3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change Log
+## [Unreleased] 2020-06-07
+### Bug Fix
+- The password storage is now Bcrypt.hashed
+
 ## [1.0.2] 2020-06-02
 ### Improvements
 - Added deploy scripts: Docker, Gunicorn
diff --git a/app/views.py b/app/views.py
index f2fbbd2..30ddc78 100644
--- a/app/views.py
+++ b/app/views.py
@@ -61,7 +61,7 @@ def register():
 else:
- pw_hash = password #bc.generate_password_hash(password)
+ pw_hash = bc.generate_password_hash(password)
 user = User(username, email, pw_hash)
@@ -97,8 +97,7 @@ def login():
 if user:
- #if bc.check_password_hash(user.password, password):
- if user.password == password:
+ if bc.check_password_hash(user.password, password):
 login_user(user)
 return redirect(url_for('index'))
 else:
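Review bot: The new `pw_hash = bc.generate_password_hash(password)` line in register() passes the raw return value straight to `User(...)`. If `bc` is Flask-Bcrypt (its definition is outside the hunk), that value is `bytes` on Python 3, and writing it to a text column can persist a driver-specific representation that later fails verification in login(). Decoding first avoids this: `pw_hash = bc.generate_password_hash(password).decode('utf-8')`. bcrypt also considers only the first 72 bytes of its input, so a maximum password length is worth enforcing before this line. register() starts and ends outside the hunk, so any existing validation of `password` is not visible here.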
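Review bot: Accounts registered before this commit still hold the plaintext password in `user.password`, and the new `bc.check_password_hash(user.password, password)` call in login() makes no allowance for them. bcrypt verifiers typically raise `ValueError` (invalid salt) on a stored value that is not a bcrypt hash instead of returning False, so those users would likely get an unhandled error rather than reach the `else:` branch, while the plaintext stays in the database. A one-time migration that re-hashes or invalidates the legacy rows (forcing a password reset) should ship with this change, and the check is worth guarding so it fails closed, as sketched below. login() starts and ends outside the hunk.

```python
        if user:
            try:
                password_ok = bc.check_password_hash(user.password, password)
            except ValueError:
                # Stored value is not a bcrypt hash (row predates hashing): fail closed.
                password_ok = False
            if password_ok:
                # … unchanged: login_user(user) and redirect to 'index' …
```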