From 08389cb1a08040f88ac88964152c5cc2b2daeed8 Mon Sep 17 00:00:00 2001
From: SIkebe <SIkebe@users.noreply.github.com>
Date: Sat, 30 Nov 2019 21:41:47 +0900
Subject: [PATCH] Hash password created by Web API (#2403)

---
 .../gitbucket/core/controller/api/ApiUserControllerBase.scala  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/scala/gitbucket/core/controller/api/ApiUserControllerBase.scala b/src/main/scala/gitbucket/core/controller/api/ApiUserControllerBase.scala
index 4b696212f..fa908a32d 100644
--- a/src/main/scala/gitbucket/core/controller/api/ApiUserControllerBase.scala
+++ b/src/main/scala/gitbucket/core/controller/api/ApiUserControllerBase.scala
@@ -4,6 +4,7 @@ import gitbucket.core.controller.ControllerBase
 import gitbucket.core.service.{AccountService, RepositoryService}
 import gitbucket.core.util.{AdminAuthenticator, UsersAuthenticator}
 import gitbucket.core.util.Implicits._
+import gitbucket.core.util.StringUtil._
 import org.scalatra.NoContent
 
 trait ApiUserControllerBase extends ControllerBase {
@@ -70,7 +71,7 @@ trait ApiUserControllerBase extends ControllerBase {
     } yield {
       val user = createAccount(
         data.login,
-        data.password,
+        pbkdf2_sha256(data.password),
         data.fullName.getOrElse(data.login),
         data.email,
         data.isAdmin.getOrElse(false),