Use NULL for non-existant passwords

app/blueprints/github/__init__.py

@@ -73,7 +73,7 @@ def callback(oauth_token):
 			flash("Unable to find an account for that Github user", "danger")
 			return redirect(url_for("users.claim"))
 		elif loginUser(userByGithub):
-			if not current_user.hasPassword():
+			if not current_user.password:
 				return redirect(next_url or url_for("users.set_password", optional=True))
 			else:
 				return redirect(next_url or url_for("homepage.home"))

app/blueprints/users/account.py

@@ -143,7 +143,7 @@ def change_password():
 @bp.route("/user/set-password/", methods=["GET", "POST"])
 @login_required
 def set_password():
-	if current_user.hasPassword():
+	if current_user.password:
 		return redirect(url_for("users.change_password"))
 
 	form = SetPasswordForm(request.form)

app/models.py

@@ -134,7 +134,7 @@ class User(db.Model, UserMixin):
 
 	# User authentication information
 	username     = db.Column(db.String(50, collation="NOCASE"), nullable=False, unique=True, index=True)
-	password     = db.Column(db.String(255), nullable=False, server_default="")
+	password     = db.Column(db.String(255), nullable=True, server_default=None)
 	reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
 
 	def get_id(self):
@@ -172,7 +172,7 @@ class User(db.Model, UserMixin):
 	tokens        = db.relationship("APIToken", backref="owner", lazy="dynamic")
 	replies       = db.relationship("ThreadReply", backref="author", lazy="dynamic")
 
-	def __init__(self, username=None, active=False, email=None, password=""):
+	def __init__(self, username=None, active=False, email=None, password=None):
 		self.username = username
 		self.email_confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
 		self.display_name = username
@@ -181,9 +181,6 @@ class User(db.Model, UserMixin):
 		self.password = password
 		self.rank = UserRank.NOT_JOINED
 
-	def hasPassword(self):
-		return self.password != ""
-
 	def canAccessTodoList(self):
 		return Permission.APPROVE_NEW.check(self) or \
 				Permission.APPROVE_RELEASE.check(self) or \

migrations/versions/3f5836a3df5c_.py

@@ -0,0 +1,37 @@
+"""empty message
+
+Revision ID: 3f5836a3df5c
+Revises: b3c7ff6655af
+Create Date: 2020-12-04 22:30:33.420071
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '3f5836a3df5c'
+down_revision = 'b3c7ff6655af'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.alter_column('user', 'password',
+               existing_type=sa.VARCHAR(length=255),
+               nullable=True,
+               existing_server_default=sa.text("''::character varying"))
+
+    op.execute("""
+        UPDATE "user" SET password=NULL WHERE password=''
+    """)
+    op.create_check_constraint("CK_password", "user",
+            "password IS NULL OR password != ''")
+
+
+def downgrade():
+    op.drop_constraint("CK_password", "user", type_="check")
+    op.alter_column('user', 'password',
+               existing_type=sa.VARCHAR(length=255),
+               nullable=False,
+               existing_server_default=sa.text("''::character varying"))