From bb4f7c2d08c835de55e5342371f9e0331994aae0 Mon Sep 17 00:00:00 2001
From: "Manuel Weiser (aider)" <manuel.weiser@me.com>
Date: Mon, 2 Sep 2024 11:14:15 +0200
Subject: [PATCH] feat: allow admin to update user password without viewing it

---
 game_collection/user_management.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/game_collection/user_management.py b/game_collection/user_management.py
index 0e5dc6a..18b58e3 100644
--- a/game_collection/user_management.py
+++ b/game_collection/user_management.py
@@ -81,6 +81,11 @@ def edit_user(user_id):
         return jsonify({'message': 'User not found!'}), 404
     user.username = data.get('username', user.username)
     user.role = data.get('role', user.role)
+    
+    # Update password if provided
+    if 'password' in data:
+        user.password = generate_password_hash(data['password'])
+    
     db.session.commit()
     return jsonify({'message': 'User updated!'}), 200