Add password hashing

The front-end now hashes passwords before sending them to the back-end. It uses SHA-512. This commit adds a hidden input which sends the password hash to not interfere with browsers' save password functionality. Also change passwords of the template configuration file for their hashed/digested versions.
author: Javier Sánchez Parra <jsanchez@soleta.eu> 2022-04-21 17:30:12 +0200
committer: Javier Sánchez Parra <jsanchez@soleta.eu> 2022-04-22 13:02:30 +0200
commit: c7b0024d2405d29e5c36445b6d28af046b2213f1 (patch)
tree: 4987ac0135c1f264ac90b20c6d479261d45baca7 /ogcp/views.py
parent: 1f9a3d3b4156aef3562efec41da3f2b6cc8ec74b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ogcp/views.py b/ogcp/views.py
index a0d3e44..66e9007 100644
--- a/ogcp/views.py
+++ b/ogcp/views.py
@@ -261,7 +261,7 @@ def login():
     form = LoginForm(request.form)
     if request.method == 'POST' and form.validate():
         form_user = request.form['user']
-        pwd = request.form['pwd']
+        pwd = request.form['pwd_hash']
         user_dict = authenticate_user(form_user, pwd)
         if not user_dict:
             return render_template('auth/login.html', form=form)
author	Javier Sánchez Parra <jsanchez@soleta.eu>	2022-04-21 17:30:12 +0200
committer	Javier Sánchez Parra <jsanchez@soleta.eu>	2022-04-22 13:02:30 +0200
commit	c7b0024d2405d29e5c36445b6d28af046b2213f1 (patch)
tree	4987ac0135c1f264ac90b20c6d479261d45baca7 /ogcp/views.py
parent	1f9a3d3b4156aef3562efec41da3f2b6cc8ec74b (diff)