def log_in_user(parsed_args: Namespace) -> None:
if parsed_args.username is None:
username = input("Username: "******"Password for user '{}': ".format(username)
# In order to not send clear-text passwords, we hash the password.
password = api.salt_and_hash(getpass.getpass(message))
auth_inst = api.Authentication.instance()
auth.do_login(parsed_args.master, auth_inst, username=username, password=password)
auth_inst.token_store.set_active(username, True)
def initialize_session(
master_address: str, requested_user: Optional[str] = None, try_reauth: bool = False
) -> None:
auth = Authentication.instance()
session_user = (
requested_user or auth.token_store.get_active_user() or constants.DEFAULT_DETERMINED_USER
)
token = auth.token_store.get_token(session_user)
if token is not None and not _is_token_valid(master_address, token):
auth.token_store.drop_user(session_user)
token = None
if token is not None:
auth.session = api.Session(session_user, token)
return
if token is None and not try_reauth:
raise api.errors.UnauthenticatedException(username=session_user)
password = None
if session_user == constants.DEFAULT_DETERMINED_USER:
password = constants.DEFAULT_DETERMINED_PASSWORD
elif session_user is None:
session_user = input("Username: "******"Password for user '{}': ".format(session_user))
)
token = do_login(master_address, auth, session_user, password)
auth.token_store.set_token(session_user, token)
# If the user wasn't set with the '-u' option and the session_user
# is the default user, tag them as being the active user.
if requested_user is None and session_user == constants.DEFAULT_DETERMINED_USER:
auth.token_store.set_active(session_user, True)
auth.session = api.Session(session_user, token)
def change_password(parsed_args: Namespace) -> None:
auth_inst = api.Authentication.instance()
if parsed_args.target_user:
username = parsed_args.target_user
elif parsed_args.user:
username = parsed_args.user
else:
username = auth_inst.get_session_user()
if not username:
# The default user should have been set by now by autologin.
print(
colored("Please log in as an admin or user to change passwords",
"red"))
return
# If the target user's password isn't being changed by another user, reauthenticate after
# password change so that the user doesn't have to do so manually.
reauthenticate = parsed_args.target_user is None
password = getpass.getpass("New password for user '{}': ".format(username))
check_password = getpass.getpass("Confirm password: "******"Passwords do not match", "red"))
return
# Hash the password to avoid sending it in cleartext.
password = api.salt_and_hash(password)
update_user(username, parsed_args.master, password=password)
if reauthenticate:
set_active = auth_inst.is_user_active(username)
auth_inst = api.Authentication.instance()
auth.do_login(parsed_args.master, auth_inst, username, password)
auth_inst.token_store.set_active(username, set_active)