From 75c6c11b0d8d54ab2e4286b561a2d1aa519b14b0 Mon Sep 17 00:00:00 2001
From: Ethan Dalool <git@voussoir.net>
Date: Thu, 7 Jan 2021 19:21:23 -0800
Subject: [PATCH] Add User.set_password.

---
 etiquette/objects.py | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/etiquette/objects.py b/etiquette/objects.py
index 3855b93..0cb649d 100644
--- a/etiquette/objects.py
+++ b/etiquette/objects.py
@@ -3,6 +3,7 @@ This file provides the data objects that should not be instantiated directly,
 but are returned by the PDB accesses.
 '''
 import abc
+import bcrypt
 import os
 import PIL.Image
 import re
@@ -1687,6 +1688,22 @@ class User(ObjectBase):
         self.photodb.sql_update(table='users', pairs=data, where_key='id')
         self._display_name = display_name
 
+    @decorators.required_feature('user.edit')
+    @decorators.transaction
+    def set_password(self, password):
+        if not isinstance(password, bytes):
+            password = password.encode('utf-8')
+
+        self.photodb.assert_valid_password(password)
+        hashed_password = bcrypt.hashpw(password, bcrypt.gensalt())
+
+        data = {
+            'id': self.id,
+            'password': hashed_password,
+        }
+        self.photodb.sql_update(table='users', pairs=data, where_key='id')
+        self.hashed_password = hashed_password
+
 class WarningBag:
     def __init__(self):
         self.warnings = set()