feat: allow admin to update user password without viewing it

2024-09-02 11:14:15 +02:00 · 2024-09-02 11:14:15 +02:00 · bb4f7c2d08
commit bb4f7c2d08
parent d7cf96978a
1 changed files with 5 additions and 0 deletions
--- a/game_collection/user_management.py
+++ b/game_collection/user_management.py
@ -81,6 +81,11 @@ def edit_user(user_id):
        return jsonify({'message': 'User not found!'}), 404
    user.username = data.get('username', user.username)
    user.role = data.get('role', user.role)
+    
+    # Update password if provided
+    if 'password' in data:
+        user.password = generate_password_hash(data['password'])
+    
    db.session.commit()
    return jsonify({'message': 'User updated!'}), 200