From 71c12b562d9e8badad920baea8ff8d674e327385 Mon Sep 17 00:00:00 2001
From: Andrew Dickinson <dickinsa@umich.edu>
Date: Sun, 12 Apr 2020 20:58:20 -0400
Subject: [PATCH] Only update password if changed to prevent spurious log
 entries

---
 ihatemoney/forms.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ihatemoney/forms.py b/ihatemoney/forms.py
index 9d17cb40..f3aa6162 100644
--- a/ihatemoney/forms.py
+++ b/ihatemoney/forms.py
@@ -14,7 +14,7 @@ from flask_wtf.file import FileField, FileAllowed, FileRequired
 
 from flask_babel import lazy_gettext as _
 from flask import request
-from werkzeug.security import generate_password_hash
+from werkzeug.security import generate_password_hash, check_password_hash
 
 from datetime import datetime
 from re import match
@@ -113,7 +113,11 @@ class EditProjectForm(FlaskForm):
     def update(self, project):
         """Update the project with the information from the form"""
         project.name = self.name.data
-        project.password = generate_password_hash(self.password.data)
+
+        # Only update password if changed to prevent spurious log entries
+        if not check_password_hash(project.password, self.password.data):
+            project.password = generate_password_hash(self.password.data)
+
         project.contact_email = self.contact_email.data
         project.logging_preference = self.logging_preferences.data