From bedf01bb3cc1071c86d16e10b73e12f9b9b4fe87 Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Tue, 10 Sep 2019 10:56:59 +0200
Subject: [PATCH] Add password hashing

---
 app.py             | 6 +++++-
 database/schema.py | 5 ++++-
 requirements.txt   | 1 +
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/app.py b/app.py
index e4750d3..d878310 100644
--- a/app.py
+++ b/app.py
@@ -11,6 +11,11 @@ from database.models import User
 
 app = Flask(__name__)
 app.debug = True if "DEBUG" in environ and environ["DEBUG"] else False
+app.config["SECRET_KEY"] = "_" if "SECRET_KEY" not in environ else environ["SECRET_KEY"]
+app.config["SECURITY_PASSWORD_SALT"] = app.config["SECRET_KEY"]
+
+user_datastore = get_user_datastore()
+security = Security(app, user_datastore)
 
 app.add_url_rule(
     '/graphql',
@@ -21,7 +26,6 @@ app.add_url_rule(
     )
 )
 
-user_datastore = get_user_datastore()
 
 @app.teardown_appcontext
 def shutdown_session(exception=None):
diff --git a/database/schema.py b/database/schema.py
index d0e2ba7..79f72bd 100644
--- a/database/schema.py
+++ b/database/schema.py
@@ -3,6 +3,7 @@ from graphene import relay
 from graphene_sqlalchemy import SQLAlchemyObjectType, SQLAlchemyConnectionField
 from database.models import User as UserModel, Application as ApplicationModel, Role as RoleModel
 from database.database import db_session, get_user_datastore
+from flask_security.utils import hash_password
 
 user_datastore = get_user_datastore()
 
@@ -21,7 +22,9 @@ class UserMutation(graphene.Mutation):
     user = graphene.Field(User)
 
     def mutate(self, info, username, password, email):
-        user = user_datastore.create_user(username=username, email=email, password=password)
+        user = user_datastore.create_user(username=username,
+                                          email=email,
+                                          password=hash_password(password))
         user_datastore.commit()
         return UserMutation(user=user)
 
diff --git a/requirements.txt b/requirements.txt
index 18fe452..c94686f 100644
--- a/requirements.txt
+++ b/requirements.txt
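Review bot: The new `SECRET_KEY` line falls back to the literal `"_"` whenever the variable is absent from the environment, so any deployment that forgets to set it signs its session cookies with a publicly known one-character key; failing fast is safer, e.g. `app.config["SECRET_KEY"] = environ["SECRET_KEY"]`, so a missing value raises at startup instead of silently weakening every token. The following line reuses that same value as `SECURITY_PASSWORD_SALT`, which ties the salt Flask-Security mixes into password hashing to the session-signing key: rotating the secret key would presumably invalidate stored password hashes, and leaking one secret leaks both, so reading a separate `SECURITY_PASSWORD_SALT` environment variable is preferable. `Security` and `get_user_datastore` are called here but the diff adds no import for them in app.py, so they are presumably imported above the hunk — worth confirming. The module's import block and the rest of the `add_url_rule` call lie outside this hunk.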
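Review bot: The `hash_password(password)` call on the rewritten `create_user` line in `mutate` hashes whatever string arrives as the GraphQL argument, so an empty or one-character password is accepted and stored; a length check before the call, e.g. `if len(password) < 8: raise ValueError("password too short")`, would reject weak input at the API boundary. The hashing algorithm is left to Flask-Security's `SECURITY_PASSWORD_HASH` default, which is presumably why `bcrypt` is added to requirements.txt; setting that key explicitly in the app config would document the intent and avoid a silent change on a library upgrade. If the `User` object type, defined outside this hunk, does not exclude the model's password column, the user returned by this mutation exposes the stored hash through GraphQL — worth confirming. The `UserMutation` class body starts outside the hunk.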
@@ -4,3 +4,4 @@ flask-sqlalchemy
 flask-security
 graphene_sqlalchemy
 Flask-GraphQL
+bcrypt
-- 
GitLab