Add encrypted password output in the superuser API

When creating a user or changing their password, we now also return an encrypted form of the password, so API callers can pass it along

endpoints/api/superuser.py

@@ -6,7 +6,7 @@ import json
 import os
 
 from random import SystemRandom
-from app import app, avatar, superusers
+from app import app, avatar, superusers, authentication
 from flask import request
 
 from endpoints.api import (ApiResource, nickname, resource, validate_json_request, request_error,
@@ -115,16 +115,21 @@ def org_view(org):
     'avatar': avatar.get_data_for_org(org),
   }
 
-def user_view(user):
-  return  {
+def user_view(user, password=None):
+  user_data = {
     'username': user.username,
     'email': user.email,
     'verified': user.verified,
     'avatar': avatar.get_data_for_user(user),
     'super_user': superusers.is_superuser(user.username),
-    'enabled': user.enabled
+    'enabled': user.enabled,
   }
 
+  if password is not None:
+    user_data['encrypted_password'] = authentication.encrypt_user_password(password)
+
+  return user_data
+
 @resource('/v1/superuser/changelog/')
 @internal_only
 @show_if(features.SUPER_USERS)
@@ -232,7 +237,8 @@ class SuperUserList(ApiResource):
       return {
         'username': username,
         'email': email,
-        'password': password
+        'password': password,
+        'encrypted_password': authentication.encrypt_user_password(password),
       }
 
     abort(403)
@@ -355,7 +361,7 @@ class SuperUserManagement(ApiResource):
           user.enabled = bool(user_data['enabled'])
           user.save()
 
-        return user_view(user)
+        return user_view(user, password=user_data.get('password'))
 
     abort(403)