From ecdb99e2f11beec17e2e44179c12c9bb76284cfc Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Fri, 4 Dec 2020 18:56:42 -0500 Subject: [PATCH] Require passwords on accounts (#1754) - Fixed an issue where Users/Teams could be created with a null password through the Admin Panel --- CHANGELOG.md | 1 + CTFd/schemas/teams.py | 1 + CTFd/schemas/users.py | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 92bbbaea..7fb5ba10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -63,6 +63,7 @@ - Examples for regex flags are now provided - Wrong submissions has been renamed to Incorrect Submissions - Graphs in the Admin Statistics page will now scroll with mouse wheel to improve browsing large datasets +- Fixed an issue where Users/Teams could be created with a null password **Deployment** diff --git a/CTFd/schemas/teams.py b/CTFd/schemas/teams.py index 68639c62..5925ac82 100644 --- a/CTFd/schemas/teams.py +++ b/CTFd/schemas/teams.py @@ -33,6 +33,7 @@ class TeamSchema(ma.ModelSchema): allow_none=False, validate=validate.Email("Emails must be a properly formatted email address"), ) + password = field_for(Teams, "password", required=True, allow_none=False) website = field_for( Teams, "website", diff --git a/CTFd/schemas/users.py b/CTFd/schemas/users.py index 66393061..c42a6a8e 100644 --- a/CTFd/schemas/users.py +++ b/CTFd/schemas/users.py @@ -51,7 +51,7 @@ class UserSchema(ma.ModelSchema): ], ) country = field_for(Users, "country", validate=[validate_country_code]) - password = field_for(Users, "password") + password = field_for(Users, "password", required=True, allow_none=False) fields = Nested( UserFieldEntriesSchema, partial=True, many=True, attribute="field_entries" )