PasswordType commit does nothing when verify_and_update is triggered.

[Flyflo]

Committing a PasswordType that has been updated by the verify_and_update method because it's using a deprecated scheme doesn't work correctly for me.

After comparing the password with the correct one, the value is actually updated with the new scheme but when I commit my object, the change isn't reflected to the DB.

Here's a minimal code to reproduce the behavior (using Python 3.3.2):

from sqlalchemy import create_engine, Column, Integer, event
from sqlalchemy.orm import sessionmaker, mapper
from sqlalchemy.ext.declarative import declarative_base
from passlib.hash import md5_crypt
from sqlalchemy_utils import Password, PasswordType, coercion_listener

sql_engine = create_engine('sqlite:///testdb.sqlite')
Session = sessionmaker(bind=sql_engine)
session = Session()
Base = declarative_base()
event.listen(mapper, 'mapper_configured', coercion_listener)


class User(Base):
    __tablename__ = 'users'

    id = Column(Integer, primary_key=True)

    password = Column(PasswordType(
        schemes=[
            'pbkdf2_sha512',
            'md5_crypt'
        ],

        deprecated=['md5_crypt']
    ))

Base.metadata.drop_all(sql_engine)
Base.metadata.create_all(sql_engine)

user = User()
session.add(user)

user.password = Password(md5_crypt.encrypt('b').encode('utf-8'))
session.commit()

print(user.password.hash)           # The md5 hash
print(user.password == 'b')         # True and update the hash
print(user.password.hash)           # The hash is now pbkdf2_sha512
session.commit()                    # Nothing changes

user = session.query(User).get(1)   # Get the previous object from the database
print(user.password.hash)           # The password is still a md5 hash instead of pbkdf2_sha512

Is this the correct behavior or am I missing something ?

[mehcode]

Okay; @Flyflo, that should have fixed it. Can you install from master and see if it works for you?

[Flyflo]

It seems to work as expected.
Thank you for the fix :)