From 61bd6bc4bac0cb930304b6fd7dfadd24e5318914 Mon Sep 17 00:00:00 2001
From: Javier Sánchez Parra <jsanchez@soleta.eu>
Date: Tue, 28 Jun 2022 12:31:59 +0200
Subject: Move password hashing to the backend

This patch moves login password hashing from the frontend/javascript to
the backend/flask.

This patch moves password hashing of login and user management forms.

Related commits:
  * c7b0024 ("Add password hashing")
  * 661254b ("Add 'Add user' to Users section")
---
 ogcp/forms/auth.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'ogcp/forms')

diff --git a/ogcp/forms/auth.py b/ogcp/forms/auth.py
index edc5d9a..526fdb0 100644
--- a/ogcp/forms/auth.py
+++ b/ogcp/forms/auth.py
@@ -21,8 +21,6 @@ class LoginForm(FlaskForm):
     )
     pwd = PasswordField(
         label=_l('Password'),
-    )
-    pwd_hash = HiddenField(
         validators=[InputRequired()]
     )
     submit_btn = SubmitField(
@@ -37,15 +35,11 @@ class UserForm(FlaskForm):
     )
     pwd = PasswordField(
         label=_l('Password'),
-    )
-    pwd_hash = HiddenField(
-        validators=[InputRequired()]
+        validators=[InputRequired()],
     )
     pwd_confirm = PasswordField(
         label=_l('Repeat password'),
-    )
-    pwd_hash_confirm = HiddenField(
-        validators=[InputRequired()]
+        validators=[InputRequired()],
     )
     admin = BooleanField(
         label=_l('Administrator'),
-- 
cgit v1.2.3-18-g5258