def lambda_handler(event, context): length = event['pathParameters']['proxy'].split('/')[0] count = event['pathParameters']['proxy'].split('/')[1] if not count: passwd = pwgen( int(length), symbols=False, ) else: passwd = pwgen( int(length), int(count), symbols=False, ) return { 'statusCode': 200, 'headers': { 'Content-Type': 'application/json' }, 'body': json.dumps({ 'value': passwd, 'path': event['pathParameters'], }) }
def obj_create(self, bundle, **kwargs): # Does someone already exist with this email address? We use AAF for auth... if User.objects.filter( email__iexact=bundle.data['username']).count() > 0: bundle.obj = User.objects.get( email__iexact=bundle.data['username']) else: if bundle.data['is_superuser']: u = User.objects.create_superuser( bundle.data['username'], bundle.data['username'], pwgen.pwgen(25), first_name=bundle.data['first_name'], last_name=bundle.data['last_name'], ) else: u = User.objects.create_user( bundle.data['username'], bundle.data['username'], pwgen.pwgen(25), first_name=bundle.data['first_name'], last_name=bundle.data['last_name'], ) UserProfile(user=u).save() bundle.obj = u for group in bundle.data['groups']: bundle.obj.groups.add(Group.objects.get(pk=group['id'])) bundle.obj.save() return bundle
def obj_create(self, bundle, **kwargs): # Does someone already exist with this email address? We use AAF for auth... if User.objects.filter(email__iexact=bundle.data['username']).count() > 0: bundle.obj = User.objects.get(email__iexact=bundle.data['username']) else: if bundle.data['is_superuser']: u = User.objects.create_superuser( bundle.data['username'], bundle.data['username'], pwgen.pwgen(25), first_name=bundle.data['first_name'], last_name=bundle.data['last_name'], ) else: u = User.objects.create_user( bundle.data['username'], bundle.data['username'], pwgen.pwgen(25), first_name=bundle.data['first_name'], last_name=bundle.data['last_name'], ) UserProfile(user=u).save() bundle.obj = u for group in bundle.data['groups']: bundle.obj.groups.add(Group.objects.get(pk=group['id'])) bundle.obj.save() return bundle
def bench_set(self): bench_id = pwgen(64) start_time = time.time() for _ in range(self.query_count): key = '{}-{}'.format(bench_id, self.key_length) self.conn.set(key, pwgen(self.value_length), ex=self.ttl) result = round(time.time() - start_time, 2) self.results['SET']['time'] = result self.results['SET']['qps'] = round(self.query_count / result)
def generate_string(length, count): if count == 1: passwd = pwgen(length, no_numerals=True, symbols=False) + "\n" str_single_count.inc() return Response(passwd.upper(), mimetype="text/plain") else: passwd = "\n".join( pwgen(length, count, no_numerals=True, symbols=False)) + "\n" str_multi_count.inc() return Response(passwd.upper(), mimetype="text/plain")
def generate_random(length, count): if count == 1: passwd = pwgen(length, symbols=True, allowed_symbols=valid_chars) + "\n" single_count.inc() return Response(passwd, mimetype="text/plain") else: passwd = "\n".join( pwgen(length, count, symbols=True, allowed_symbols=valid_chars)) + "\n" multi_count.inc() return Response(passwd, mimetype="text/plain")
def bench_get(self): bench_id = pwgen(64) # bench preparation for i in range(self.query_count): key = '{}-{}'.format(bench_id, i) self.conn.set(key, pwgen(self.value_length), ex=60) # real bench start_time = time.time() for i in range(self.query_count): key = '{}-{}'.format(bench_id, i) self.conn.get(key) result = round(time.time() - start_time, 2) self.results['GET']['time'] = result self.results['GET']['qps'] = round(self.query_count / result)
def test_register(self): self.driver.get('https://accounts.google.com') username = pwgen(15) passwd = pwgen(15) create_acc_btn = self.driver.find_element_by_xpath( '//span[contains(text(), "Создать аккаунт")]' ) create_acc_btn.click() firstname_input = self.driver.find_element_by_xpath( '//input[@name="firstName"]' ) firstname_input.send_keys('selenium') lastname_input = self.driver.find_element_by_xpath( '//input[@name="lastName"]' ) lastname_input.send_keys('test') username_input = self.driver.find_element_by_xpath( '//input[@name="Username"]' ) username_input.send_keys(username) passwd_input = self.driver.find_element_by_xpath( '//input[@name="Passwd"]' ) passwd_input.send_keys(passwd) confirmpasswd_input = self.driver.find_element_by_xpath( '//input[@name="ConfirmPasswd"]' ) confirmpasswd_input.send_keys(passwd) next_btn = self.driver.find_element_by_xpath( '//span[contains(text(), "Далее")]' ) next_btn.click() self.assertTrue( EC.element_to_be_clickable( ( By.XPATH, '//h1[contains(text(), "Подтвердите номер телефона")]' ) ), msg="переход на страницу с подтвержденеим телефона" )
def generate_password(credential_id, user): """ Generate a new password credential and add it to the VCCS authentication backend. The salt returned needs to be saved for use in subsequent authentications using this password. The password is returned so that it can be conveyed to the user. :param credential_id: VCCS credential_id as string :param user: user data as dict :return: (password, salt) both strings """ user_id = str(user.user_id) config = current_app.config password = pwgen(int(config.get('PASSWORD_LENGTH')), no_capitalize = True, no_symbols = True) factor = vccs_client.VCCSPasswordFactor(password, credential_id) current_app.logger.info("Adding VCCS password factor for user {}, " "credential_id {!r}".format(user, credential_id)) vccs = vccs_client.VCCSClient(base_url = config.get('VCCS_URL')) try: result = vccs.add_credentials(user_id, [factor]) except vccs_client.VCCSClientHTTPError as e: current_app.logger.error('There was an error adding credentials for user {} ' ': {!r}'.format(user, e)) raise e current_app.logger.debug("VCCS password (id {!r}) creation result: " "{!r}".format(credential_id, result)) return _human_readable(password), factor.salt
class Profile(models.Model): user = models.OneToOneField(User, on_delete=models.CASCADE) phone = models.CharField(max_length=10, db_index=True, default="", verbose_name="Внутренний телефонный номер") job = models.CharField(max_length=100, default="", verbose_name="Должность") surname = models.CharField(max_length=100, default="", verbose_name="Отчество") userkiscode = models.CharField( max_length=50, default=pwgen(24), verbose_name="Идентификатор пользователя в системе КИС") work_status = models.BooleanField( default=False, verbose_name="Статус смены" ) ### Для личной карточки учета рабочего времени relax_status = models.BooleanField( default=False, verbose_name="Статус перевыва в работе" ) ### Для личной карточки учета рабочего времени settings = JSONField(default={}) ip = models.CharField(max_length=15, null=True, default=None) @receiver(post_save, sender=User) def create_user_profile(sender, instance, created, **kwargs): if created: Profile.objects.create(user=instance) @receiver(post_save, sender=User) def save_user_profile(sender, instance, **kwargs): instance.profile.save()
def main(): parser = argparse.ArgumentParser() parser.add_argument('--passwd', action='store_true', help="processa todos os pedidos de recuperação de senha") parser.add_argument('--create', action='store_true', help="processa todos os pedidos de criação de conta") args = parser.parse_args() if (args.passwd): api = criaconta.CriaConta() todo = api.password_requests() for request in todo: request_id = str(request['id']) username = request['username'] request['passwd'] = pwgen.pwgen() password(request, 'cpw') mail(request, 'Recuperação de senha', 'passwd.txt') status = api.password_reset(request_id) if (status == 200): print("conta "+username+" criada.") elif (status == 404): print("conta "+username+" fracassou na API.") else: print("comando inválido.\n") elif (args.create): api = criaconta.CriaConta() todo = api.list() for account in todo: print(show(account)) create(account) else: interactive_mode()
def create_backend(account): group = account['group'] username = account['username'] name = unidecode.unidecode(account['name']) account['passwd'] = pwgen.pwgen(12) home = "/home/%s/%s"%(group, username) mail_body = "create.txt" if (check(account, noout=True) == 0): local_account = pwd.getpwnam(username) local_name = local_account.pw_gecos local_group = grp.getgrgid(local_account.pw_gid).gr_name if (name == local_name and group == local_group): return 0 else: print("grupo: %s:%s"%(group, local_group)) print("%s\n%s"%(name, local_name)) return 1 if (add(account) != 0): return 1 setquota(account) if (account['type'] == 'institucional'): print("Observações: %s"%(account['obs'])) password(account, 'add') else: password(account, 'add') pykota(account) mail(account, 'Pedido de criação de conta', mail_body) return 0
def changetoken(request, next_page): logger.debug("user %s" % request.user) profile = request.user.profile profile.token = pwgen.pwgen(64) profile.save() messages.warning(request, 'Your secret token is updated. You will not be able to access your running containers until you restart them.') return redirect(next_page)
def create(self): username = None for attr in self.args['public_attributes']: if attr['attribute'] == 'sAMAccountName': username = attr['set_value'].upper() break dn = "cn=%s,%s" % (username, self.args['dn']) attrs = {} for attr in self.args['attributes']: if attr['attribute'] == 'sAMAccountName': attrs[attr['attribute']] = attr['set_value'].upper() else: attrs[attr['attribute']] = attr['set_value'].encode("utf-8") raw_password = pwgen(12, no_symbols=True) password = '******' % raw_password password = password.encode('utf-16-le') attrs['unicodePwd'] = password user = arma_models.User.create(attrs=attrs, dn=dn) user.attr_replace('userAccountControl', '512') user.attr_replace('pwdLastSet', '0') for grp in self.args['groups']: group = arma_models.Group.open(grp['group_name']) user.add_to_group(group) au, u = create_user(username=username) template = adum_models.Template.objects.get(pk=self.args['id']) uc = adum_models.UserCreation(user=au, password=raw_password, template=template) uc.save() self.create_home_directory(user) return {'user': self.serialize(user)}
def add(request): if request.method == 'POST': docE = Document.objects.get(id=request.POST['key']) doc = docE.name person = Person() person.FIO = request.POST['data'] person.file = docE person.save() persons = Person.objects.filter(file=docE) try: with open("static/files/" + doc + ".csv", 'w', newline='') as csvfile: spamwriter = csv.writer(csvfile, delimiter=',', quoting=csv.QUOTE_MINIMAL) for psn in persons: lines = psn.FIO.split("\n") for line in lines: password = pwgen(10, symbols=False) word = line.split() username = doc + translit(word[0].lower()) email = username + '@prk.local' spamwriter.writerow([username] + [password] + [word[0]] + [word[1]] + [email]) except: pass return HttpResponseRedirect("/", locals())
def create_user(self, user): from pwgen import pwgen con = self.connection or self._connect() cur = con.cursor() cur.execute('CREATE SCHEMA {0};'.format(user)) # self._initialize(schema=schema_name) password = pwgen(8) cur.execute("CREATE USER {0} with PASSWORD '{0}';".format( user, password)) cur.execute('GRANT ALL PRIVILEGES ON SCHEMA {0} TO {1};'.format( user, user)) cur.execute('GRANT USAGE ON SCHEMA public TO {0};'.format(user)) cur.execute( 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO {0};'.format(user)) cur.execute('ALTER ROLE {0} SET search_path TO {1};'.format( user, user)) con.commit() con.close() self.schema = user self.user = user self.password = password con = self.connection or self._connect() self._initialize(con) con.commit() con.close() self.stdout.write('CREATED USER {0} WITH PASSWORD {1}\n'.format( user, password)) return self
def _update_password(self, key): # Update password in Card new_password = pwgen() self.reader.write(new_password) # Update password in CSV self.data.loc[self.data.Key == key, 'Password'] = new_password
def __init__(self): self.liked_posts = set() self.likes_made = 0 self.tokens = {} self.username = names.get_first_name( gender=random.choice(['male', 'female'])) self.password = pwgen(12)
def generate_password(credential_id, user): """ Generate a new password credential and add it to the VCCS authentication backend. The salt returned needs to be saved for use in subsequent authentications using this password. The password is returned so that it can be conveyed to the user. :param credential_id: VCCS credential_id as string :param user: user data as dict :return: (password, salt) both strings """ user_id = str(user.user_id) config = current_app.config password = pwgen(int(config.get('PASSWORD_LENGTH')), no_capitalize=True, no_symbols=True) factor = vccs_client.VCCSPasswordFactor(password, credential_id) current_app.logger.info("Adding VCCS password factor for user {}, " "credential_id {!r}".format(user, credential_id)) vccs = vccs_client.VCCSClient(base_url=config.get('VCCS_URL')) try: result = vccs.add_credentials(user_id, [factor]) except vccs_client.VCCSClientHTTPError as e: current_app.logger.error( 'There was an error adding credentials for user {} ' ': {!r}'.format(user, e)) raise e current_app.logger.debug("VCCS password (id {!r}) creation result: " "{!r}".format(credential_id, result)) return _human_readable(password), factor.salt
def add(self, type, label, login, pwd, description, folder): if type == 'item': if description: description = u'{}'.format(description.replace('\\r\\n', '<br />')) if not pwd: pwd = pwgen(16, symbols=False, no_ambiguous=True) payload_data = ['' if item is None else item for item in [label, pwd, description, folder, login, '', '', '', '1']] payload_data = [base64.b64encode(data.encode('utf-8')) for data in payload_data] payload = b';'.join(payload_data) elif type == 'folder': payload = base64.b64encode((';'.join([label, '0', folder, '0', '0']).encode('utf-8'))) url = '{0}/add/{2}/{3}?apikey={1}'\ .format(self.api_endpoint, self.api_key, type, payload.decode('utf-8')) req = requests.get(url, verify=False) if req.status_code != 200: if req.json() and 'err' in req.json(): raise TeampassApiException(req.json()['err']) else: raise TeampassHttpException(req.status_code, req.text) else: if 'new_item_id' in req.json(): return self.get(type, req.json()['new_item_id']) elif 'new_folder_id' in req.json(): return self.get(type, req.json()['new_folder_id']) elif 'err' in req.json(): raise TeampassApiException(req.json()['err'])
def create_user_profile(sender, instance, created, **kwargs): if created: logger.info("New user %s" % instance) last_uid = Profile.objects.all().aggregate(models.Max('userid'))['userid__max'] uid = KOOPLEX.get('min_userid', 1000) if last_uid is None else last_uid + 1 token = pwgen.pwgen(64) Profile.objects.create(user = instance, userid = uid, token = token)
def upload(request): if request.method == 'POST': form = UploadFileForm(request.POST, request.FILES) file = UploadFile() file.upload = request.FILES['upload'] file.download = file.upload.name + ".csv" file.save() # doc = UploadFile.objects.latest('id').upload print(doc) # with open("static/files/"+doc, 'w', newline='') as csvfile: # spamwriter = csv.writer(csvfile, delimiter=',', quoting=csv.QUOTE_MINIMAL) f = open('static/media/' + doc.name) with open("static/media/" + doc.name + ".csv", 'w', newline='') as csvfile: spamwriter = csv.writer(csvfile, delimiter=',', quoting=csv.QUOTE_MINIMAL) for line in f: print(line) password = pwgen(10, symbols=False) word = line.split() username = doc.name + translit(word[0].lower()) email = username + '@prk.local' spamwriter.writerow([username] + [password] + [word[0]] + [word[1]] + [email]) return HttpResponseRedirect("/", locals())
def new(): db = get_shelve() invalid = validate_new_form(request) email = str(request.form['email']) username = str(request.form['username']) if(not invalid and db.has_key(email)): flash(u'La direcció de correu ja existeix.','error') invalid = True if not invalid and username in [ x['username'] for x in db.values()]: flash(u'El nom d\'usuari ja existeix.','error') invalid = True if invalid: return redirect(url_for("new_user")) pwd = str(pwgen(10, no_symbols=True)) #TODO: Provar la connexió amb MLDonkey if MLDONKEY_ENABLED: with mldonkey.MLDonkey(MLDONKEY_HOST,MLDONKEY_PORT) as ml: ml.new_user(request.form['username'],request.form['email'],pwd) #Afegir el usuari a la BD (fitxer) db[email] = { 'username' : username, 'password' : md5(pwd), } msg = MIMEText(" Usuari: %s \n Password: %s \n " % (username, pwd)) msg['Subject'] = 'Dades acces burra' sendmail([request.form['email']],msg) flash(u'Les dades d\'accès s\'han enviat al vostre correu electrònic.','success') return redirect(url_for("new_user"))
def make_secure_token(): """ Generate a session token by which the user session will be identified. This is tied to the account and allows getting the account from a session cookie. :return: a random token """ return pwgen(TOKEN_LENGTH, no_symbols=True)
def generatenewpassword(self): password = pwgen.pwgen(12) self.changepassword(self, password) with open( SETTINGS.get('user').get('pattern_passwordfile') % self, 'w') as f: f.write(self.password) self.changepassword(password)
def create_user_profile(sender, instance, created, **kwargs): if created: logger.info("New user %s" % instance) last_uid = Profile.objects.all().aggregate( models.Max('userid'))['userid__max'] uid = KOOPLEX.get('min_userid', 1000) if last_uid is None else last_uid + 1 token = pwgen.pwgen(64) Profile.objects.create(user=instance, userid=uid, token=token)
def create_user(self, username: str) -> str: """Create user in rabbitmq. Return the password for the user. :param username: username to create :returns: password for username """ api = self._get_admin_api() _password = pwgen.pwgen(12) api.create_user(username, _password) return _password
def deploy(cls, session, domain, owner, environment, technical_contact, theme=None, default_language=u'it', database_password=None, enabled=True): if not database_password: database_password = pwgen.pwgen(16, no_symbols=True) try: cls.log.info("Deploying instance for %s in environment %s", domain, environment) instance = cls(domain=domain, owner=owner, environment=environment, theme=theme, technical_contact=technical_contact, default_language=default_language, database_password=database_password, enabled=False) session.add(instance) session.flush() instance._create_structure(session) instance._create_python_package_paths(session) instance._create_database(session) instance._populate_database(session) # add group and users if instance.owner.organization: instance_group_parent = instance.owner.organization else: instance_group_parent = None instance_group = Group(name=instance.domain, parent=instance_group_parent) instance.log.info("Created group %s, parent=%s", instance_group, instance_group_parent) instance.groups.append(instance_group) admins = User.search(session, User.groups.any(Group.name == u'admin')) if instance.owner not in admins: instance.log.info("Adding user %s to group %s", instance.owner, instance_group) instance.owner.groups.append(instance_group) instance.flush_cache() if enabled: instance.enabled = True except: session.rollback() raise else: return instance
def geniUser(): # # Get the certificate. POST request data comes in in unicode and this makes the # ssl parser very unhappy, so re-encode in ascii. certText1 = request.form['cert'] certText = certText1.encode('ascii') try: cert = X509.load_cert_string(certText, X509.FORMAT_PEM) except Exception as ex: return render_template('error.html', message = 'Failed to parse GENI certficate: %s' % str(ex)) # old and dead -- X509 verifies and Openssl.crypto doesn't. # cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, certText) # Verify the cert against the GENI Key code = cert.verify(geniKey) if(code != 1): return render_template('error.html', message='Error: signature verifcation code failure %d' % code) # get the subject's email address issuer = cert.get_issuer() subject = cert.get_subject() emailAddress = subject.Email # get the Subject Alternate Name field and pull the geni user name from that userName = None for i in range(0, cert.get_ext_count()): ext = cert.get_ext_at(i) if (ext.get_name() == 'subjectAltName'): userName = getUserName(ext.get_value()) break # If this failed, for whatever reason, make the name from the email address if (not userName): userName = makeUserName(emailAddress) validTil = str(cert.get_not_after()) userName = addAtGeni(userName) # # generate a random password # password=pwgen.pwgen(8, no_symbols=True) resultReport = createUser(userName, password, emailAddress, validTil) if (not resultReport["Success"]): return render_template('report.html', username=userName, emailAddress=emailAddress, message=resultReport['message'], success=False) # # Send a success email # userName = resultReport['userName'] emailSent = sendMailFromSAVI(emailAddress, userName, password) if (emailSent): emailSuccessMessage = 'email from [email protected] sent to %s with login information' % emailAddress else: emailSuccessMessage = 'email send failed for %s. Please log in immediately using user name %s and password %s and change your password.' % (emailAddress, userName, password) # Return a success report. return render_template('report.html', username=userName, emailAddress=emailAddress, success=True, emailSuccessMessage=emailSuccessMessage)
def generatePassword(policy): """ General purpose password generator. Uses the policy to generate passwords. Attributes: policy -- The policy to read from; defines password length, symbol usage and perhaps others in the future Returns: Password based on policy as string """ return pwgen(policy['password_length'], no_symbols=policy['no_symbols'])
def hotspot_page(): if LISTEN == '127.0.0.1': sh.sudo('nginx', '-s', 'stop') ssid = "ScreenlyOSE-{}".format(pwgen(4, symbols=False)) ssid_password = pwgen(8, symbols=False) wifi_connect = sh.sudo('wifi-connect', '-s', ssid, '-p', ssid_password, _bg=True, _err_to_out=True) while 'Starting HTTP server' not in wifi_connect.process.stdout: sleep(1) return template('hotspot.html', network=ssid, ssid_pswd=ssid_password, address='screenly.io/wifi')
def _get_user(email): if User.objects.filter(username__iexact=email).count() > 0: u = User.objects.get(username__iexact=email) else: u = User.objects.create_user( email, email, pwgen.pwgen(25), first_name='', last_name='', ) UserProfile(user=u).save() return u
def _operator_password(self) -> Union[str, None]: """Return the operator password. If the operator password does not exist on the peer relation, create a new one and update the peer relation. It is necessary to store this on the peer relation so that it is not lost on any one unit's local storage. If the leader is deposed, the new leader continues to have administrative access to the message queue. :returns: String password or None :rtype: Unition[str, None] """ if not self.peers.operator_password and self.unit.is_leader(): self.peers.set_operator_password(pwgen.pwgen(12)) return self.peers.operator_password
def changeseaftoken(request, next_page): #TODO: what if more fs servers present??? logger.debug("user %s" % request.user) try: token = FSToken.objects.get(user = request.user) token.token = pwgen.pwgen(64) token.save() messages.warning(request, 'Your seafile secret token is updated. You may experience problem with running file syncronization tasks.') except FSToken.DoesNotExist: fsserver = FSServer.objects.all()[0] #FIXME: ugly token = FSToken.objects.create(user = request.user, syncserver = fsserver, token = pwgen.pwgen(64)) token.save() messages.info(request, 'New seafile secret token is created for %s' % fsserver) seafilepw_update(request.user.username, token.token) return redirect(next_page)
def handle(self, *args, **options): campaign_id = args[0] count = args[1] if not campaign_id or not count: return 'ERROR' codes = pwgen(8, int(count), no_symbols=True, no_capitalize=True, no_ambiguous=True) for code in codes: code = code.upper() try: DiscountCode.objects.create(campaign_id=campaign_id, code=code) except: print 'Error creating discount code - %s' % code
def on_event(self, event, extension): """ Handles event """ items = [] if event.get_argument(): pw_length = int(event.get_argument()) else: pw_length = int(extension.preferences['pw_length']) pw_count = int(extension.preferences['pw_count']) if pwgen_module: passwords = pwgen.pwgen( pw_length, pw_count, False, False, True, True, False, True, '!$.#*+-_~()][?%&@,;', True ) elif not pwgen_module and is_exist(program='pwgen'): command = 'pwgen -1 -c -n -y {} {}'.format( str(pw_length), str(pw_count) ) output = check_output(command.split(' ')) passwords = output.splitlines() else: passwords = ['Could not find neither pwgen module nor the command!'] for password in passwords: items.append( ExtensionResultItem( icon='images/icon.png', name=str(password), description='Press Enter to copy this password to clipboard', highlightable=False, on_enter=CopyToClipboardAction(str(password)) ) ) return RenderResultListAction(items)
def register(message_array, device, auto_mode): """ Message: register """ pwd = pwgen(10, no_symbols=True) if (device.contributor.status == Contributor.UNKNOWN) or (device.contributor.status == Contributor.INACTIVE): device.contributor.status = Contributor.ACTIVE device.contributor.password = pwd device.contributor.channel = SMS device.contributor.save() increment_refund(device.contributor) msg = _("Thanks for texting! You've joined our team. Your password is {0}. Reply HELP for further informations. ").format(pwd) if auto_mode: save_message(message_array, device, Message.YES) send_message(device.phone_number, msg) return Message.YES
def handle(self, *args, **options): campaign_id = args[0] count = args[1] if not campaign_id or not count: return 'ERROR' codes = pwgen(8, int(count), no_symbols=True, no_capitalize=True, no_ambiguous=True) for code in codes: code = code.upper() try: DiscountCode.objects.create(campaign_id=campaign_id, code=code) except: print('Error creating discount code - %s' % code)
def lost(): db = get_shelve() email = str(request.form['email']) if not db.has_key(email): flash(u'La direcció de correu no existeix al sistema.','error') return redirect(url_for("lost_pass")) username = db[email]['username'] pwd = pwgen(10, no_symbols=True) #TODO: Provar la connexió amb MLDonkey if MLDONKEY_ENABLED: with mldonkey.MLDonkey(MLDONKEY_HOST,MLDONKEY_PORT) as ml: ml.change_pass(username,pwd) user_data = db[email] user_data['password'] = md5(pwd) db[email] = user_data msg = MIMEText(" Usuari: %s \n Password: %s \n " % (username, pwd)) msg['Subject'] = 'Dades acces burra' sendmail([request.form['email']],msg) flash(u'Les dades d\'accès s\'han enviat al vostre correu electrònic.','success') return redirect(url_for("lost_pass"))
def auth(request): if request.method != 'POST': return HttpResponse('nope') try: # Verifies signature and expiry time verified_jwt = jwt.decode(request.POST['assertion'], secret) print 'verified_jwt:', verified_jwt # In a complete app we'd also store and validate the jti value to ensure there is no replay attack if verified_jwt['aud'] == config['test.aaf.edu.au']['aud'] and verified_jwt['iss'] == config['test.aaf.edu.au']['iss']: request.session['attributes'] = verified_jwt['https://aaf.edu.au/attributes'] request.session['jwt'] = verified_jwt request.session['jws'] = request.POST['assertion'] good_email = request.session['attributes']['mail'] if not User.objects.filter(username=good_email).count(): u = User.objects.create_superuser(good_email, good_email, pwgen.pwgen(20, 1, no_symbols=True)) else: u = User.objects.get(username=good_email) # Temporary workaround: http://stackoverflow.com/a/23771930 u.backend = 'django.contrib.auth.backends.ModelBackend' djauth.login(request, u) return redirect('welcome') else: # Not for this audience del request.session['attributes'] djauth.logout(request) raise PermissionDenied except jwt.ExpiredSignature: # Security cookie has expired del request.session['attributes'] djauth.logout(request) raise PermissionDenied
def start_vpn(vm_uuid, host, extaddr, team_id): try: logging.info("Starting VPN for team %d", team_id) password = pwgen(pw_length=20, no_ambiguous=True) message = "Run: ./setup-vpn %s %d %s" % (shlex.quote(extaddr), team_id, shlex.quote(password)) # Start the container for the specified team command = "./deploy_team %d %s" % (team_id, shlex.quote(password)) output = ssh_exec(host, command).split() status = output[-1].split(':')[0] if status == 'vpn_created': return ("start_vpn", (vm_uuid, team_id, message)) elif status == 'vpn_already_exists': logging.warn('VPN for team %d was already started' % team_id) return None logging.error("Unexpected output from start_vpn(%r, %r, %r, %d): %s", vm_uuid, host, extaddr, team_id, '\n'.join(output)) except: logging.exception("Got exception on start_vpn(%r, %r, %r, %d)", vm_uuid, host, extaddr, team_id) return None
def rcauth(request): # Only POST is supported on this URL. if request.method != 'POST': raise PermissionDenied # Rapid Connect authorization is disabled, so don't # process anything. if not settings.RAPID_CONNECT_ENABLED: raise PermissionDenied try: # Verifies signature and expiry time verified_jwt = jwt.decode( request.POST['assertion'], settings.RAPID_CONNECT_CONFIG['secret'], audience=settings.RAPID_CONNECT_CONFIG['aud']) # Check for a replay attack using the jti value. jti = verified_jwt['jti'] if JTI.objects.filter(jti=jti).exists(): logger.debug('Replay attack? ' + str(jti)) request.session.pop('attributes', None) request.session.pop('jwt', None) request.session.pop('jws', None) django_logout(request) return redirect('/') else: JTI(jti=jti).save() if verified_jwt['aud'] == settings.RAPID_CONNECT_CONFIG['aud'] and \ verified_jwt['iss'] == settings.RAPID_CONNECT_CONFIG['iss']: request.session['attributes'] = verified_jwt[ 'https://aaf.edu.au/attributes'] request.session['jwt'] = verified_jwt request.session['jws'] = request.POST['assertion'] institution_email = request.session['attributes']['mail'] logger.debug('Successfully authenticated %s via Rapid Connect.' % institution_email) # Create a user account and profile automatically. In future, # support blacklists and whitelists. first_name = request.session['attributes']['givenname'] c_name = request.session['attributes'].get('cn', '').split(' ') if not first_name and len(c_name) > 1: first_name = c_name[0] user_args = { 'id': institution_email.lower(), 'email': institution_email.lower(), 'password': pwgen.pwgen(), 'first_name': first_name, 'last_name': request.session['attributes']['surname'], } # Check for an email collision. edupersontargetedid = request.session['attributes'][ 'edupersontargetedid'] for matching_user in UserProfile.objects.filter( user__email__iexact=user_args['email']): if (matching_user.rapidConnectEduPersonTargetedID is not None and matching_user.rapidConnectEduPersonTargetedID != edupersontargetedid): del request.session['attributes'] del request.session['jwt'] del request.session['jws'] django_logout(request) raise PermissionDenied user = auth_service.get_or_create_user(user_args) if user is not None: user.backend = 'django.contrib.auth.backends.ModelBackend' djauth.login(request, user) return redirect('/') else: del request.session['attributes'] del request.session['jwt'] del request.session['jws'] django_logout(request) raise PermissionDenied # Error: Not for this audience except jwt.ExpiredSignature: del request.session['attributes'] del request.session['jwt'] del request.session['jws'] django_logout(request) raise PermissionDenied # Error: Security cookie has expired raise PermissionDenied
def generate(self, length='16', no_symbols='true', no_ambiguous='false'): length = int(length) no_symbols = no_symbols == 'true' no_ambiguous = no_ambiguous == 'true' return {'password' : pwgen.pwgen(pw_length=length, no_symbols=no_symbols, no_ambiguous=no_ambiguous)}
def main(): parser = argparse.ArgumentParser() parser.add_argument('--file', help='data file') parser.add_argument('--generate-key-to-stdout', action='store_true') parser.add_argument('--key', help='AES key file') parser.add_argument('--key-from-gpg', help='key file decrypted by GPG') parser.add_argument('--key-from-stdin', action='store_true') parser.add_argument('--node') parser.add_argument('--get-password', action='store_true') parser.add_argument('--set-password', action='store_true', help='Interactively set password') parser.add_argument('--generate-and-set-password', metavar='length') parser.add_argument('--get-username', action='store_true') parser.add_argument('--set-username', metavar='username') parser.add_argument('--show-note', action='store_true') parser.add_argument('--edit-note', action='store_true') parser.add_argument('--dump', action='store_true') parser.add_argument('--with-header', action='store_true') parser.add_argument('--list-nodes', action='store_true') parser.add_argument('--decrypt-all', action='store_true') parser.add_argument('--verbose', '-v', action='store_true') args = parser.parse_args() if args.generate_key_to_stdout: sys.stdout.write(generate_key()) return 0 key = None if args.key_from_stdin: key = sys.stdin.read() elif args.key_from_gpg: key = gpg_decrypt(args.key_from_gpg) elif args.key: if os.path.exists(args.key): key = open(args.key).read() else: sys.stderr.write('no such key file\n') return 1 if key is None: parser.print_help() return 1 if args.file is None: sys.stderr.write('no file specified\n') return 1 keychain = Keychain() keychain.use_key(key) if os.path.exists(args.file): keychain.load(args.file) if args.decrypt_all: decrypted_root = keychain.decrypt_all() params = {'sort_keys': True, 'indent': 4, 'separators': (',', ': ')} print(json.dumps(decrypted_root, **params)) return 0 if args.dump: if args.with_header: print("%s\t%s\t%s" % ("title", "username", "password")) for n in sorted(keychain.root.keys()): username = keychain.get(n, Keychain.USERNAME_FIELD) password = keychain.get(n, Keychain.PASSWORD_FIELD) print("%s\t%s\t%s" % (n, username, password)) return 0 if args.list_nodes: for node_name in sorted(keychain.root.keys()): print(node_name) return 0 if args.node is None: sys.stderr.write('no node specified\n') return 1 shown = False if args.get_username: show(keychain.get(args.node, Keychain.USERNAME_FIELD)) shown = True if args.get_password: show(keychain.get(args.node, Keychain.PASSWORD_FIELD)) shown = True if args.show_note: show(keychain.get(args.node, Keychain.NOTE_FIELD)) shown = True if shown: return 0 if args.generate_and_set_password: password = pwgen.pwgen( int(args.generate_and_set_password), capitalize=True, allowed_symbols=',.;!-') keychain.set(args.node, Keychain.PASSWORD_FIELD, password) if args.set_password: # READ FROM CMD LINE p1 = getpass.getpass('enter password: '******'repeat password: '******'password does not match\n') return 1 if len(p1) == 0 or len(p2) == 0: sys.stderr.write('password must not be empty\n') return 1 keychain.set(args.node, Keychain.PASSWORD_FIELD, p1) if args.set_username: keychain.set(args.node, Keychain.USERNAME_FIELD, args.set_username) if args.edit_note: tf = tempfile.NamedTemporaryFile(delete=False, dir=os.getcwd()) old_note = keychain.get(args.node, Keychain.NOTE_FIELD) if old_note is None: old_note = '' tf.write(old_note.encode()) tf.close() tfn = os.path.join(os.getcwd(), tf.name) tf.close() editor = os.environ.get("VISUAL") or os.environ.get("EDITOR", "vi") p = subprocess.Popen("%s \"%s\"" % (editor, tfn), shell=True) p.wait() tf = open(tfn) new_note = tf.read() tf.close() os.unlink(tfn) if old_note != new_note: keychain.set(args.node, Keychain.NOTE_FIELD, new_note) sys.stderr.write('note updated\n') else: sys.stderr.write('no change to note\n') if keychain.is_dirty(): if not os.path.exists(args.file): sys.stderr.write('creating new file\n') keychain.save(args.file) return 0
def main(data=None): parser = argparse.ArgumentParser(description='random PassWord GENerator') parser.add_argument('pw_length', default='8', type=int, nargs='?', help="Password length") parser.add_argument('--capitalize', '-c', action='store_true', dest="capitalize", help="Include at least one capital letter in " "the password") parser.add_argument('--no-capitalize', '-A', action='store_true', dest="no_capitalize", help="Don't include capital letters in the password") parser.add_argument('--numerals', '-n', action='store_true', dest='numerals', help="Include at least one number in the password") parser.add_argument('--no-numerals', '-0', action='store_true', dest='no_numerals', help="Don't include numbers in the password") parser.add_argument('--symbols', '-y', action='store_true', dest='symbols', help="Include at least one special symbol in " "the password") # parser.add_argument('--secure', '-s', action='store_true', dest='secure', # help="Generate completely random passwords") parser.add_argument('--ambiguous', '-B', action='store_true', dest='no_ambiguous', help="Don't include ambiguous characters in " "the password") # parser.add_argument('-H or --sha1=path/to/file[#seed] # help="Use sha1 hash of given file as a (not so) " # "random generator") # parser.add_argument('-C', action='store_true', dest='print_in_columns', # help="Print the generated passwords in columns") parser.add_argument('-1', action='store_const', const=1, default='160', dest='num_pw', help="Don't print the generated passwords in columns") # parser.add_argument('--no-vowels', '-v', action='store_false', # dest='vowels', # help="Do not use any vowels so as to avoid # "accidental nasty words") args = parser.parse_args() d = vars(args) result = pwgen.pwgen(**d) if type(result) == list: for y in range(20): print(" ".join([result.pop() for x in range(8)])) else: print(result)
def rcauth(request): logger.debug("rcauth() start!") # Only POST is supported on this URL. if request.method != "POST": raise PermissionDenied # Rapid Connect authorization is disabled, so don't process anything. if not settings.LOGIN_FRONTENDS["aaf"]["enabled"] and not settings.LOGIN_FRONTENDS["aafe"]["enabled"]: raise PermissionDenied try: # Verifies signature and expiry time verified_jwt = jwt.decode( request.POST["assertion"], settings.RAPID_CONNECT_CONFIG["secret"], audience=settings.RAPID_CONNECT_CONFIG["aud"], ) # Check for a replay attack using the jti value. jti = verified_jwt["jti"] if JTI.objects.filter(jti=jti).exists(): logger.debug("Replay attack? " + str(jti)) request.session.pop("attributes", None) request.session.pop("jwt", None) request.session.pop("jws", None) django_logout(request) return redirect("/") else: JTI(jti=jti).save() if ( verified_jwt["aud"] == settings.RAPID_CONNECT_CONFIG["aud"] and verified_jwt["iss"] == settings.RAPID_CONNECT_CONFIG["iss"] ): request.session["attributes"] = verified_jwt["https://aaf.edu.au/attributes"] request.session["jwt"] = verified_jwt request.session["jws"] = request.POST["assertion"] institution_email = request.session["attributes"]["mail"] edupersontargetedid = request.session["attributes"]["edupersontargetedid"] principalname = request.session["attributes"]["edupersonprincipalname"] logger.debug("Successfully authenticated %s via Rapid Connect." % institution_email) # Create a user account and profile automatically. In future, # support blacklists and whitelists. first_name = request.session["attributes"]["givenname"] c_name = request.session["attributes"].get("cn", "").split(" ") if not first_name and len(c_name) > 1: first_name = c_name[0] user_args = { "id": institution_email.lower(), "email": institution_email.lower(), "password": pwgen.pwgen(), "first_name": first_name, "last_name": request.session["attributes"]["surname"], } # if a principal domain is set strip domain from # 'edupersonprincipalname' and use remainder as user id. try: if settings.LOGIN_HOME_ORGANIZATION: domain = "@" + settings.LOGIN_HOME_ORGANIZATION if ";" not in principalname and principalname.endswith(domain): user_id = principalname.replace(domain, "").lower() user_args["id"] = user_id except: logger.debug("check principal domain failed with: %s" % sys.exc_info()[0]) # Check for an email collision. for matching_user in UserProfile.objects.filter(user__email__iexact=user_args["email"]): if ( matching_user.rapidConnectEduPersonTargetedID is not None and matching_user.rapidConnectEduPersonTargetedID != edupersontargetedid ): del request.session["attributes"] del request.session["jwt"] del request.session["jws"] django_logout(request) raise PermissionDenied user = get_or_create_user(user_args, authMethod="aaf") if user is not None: user.backend = "django.contrib.auth.backends.ModelBackend" djauth.login(request, user) return redirect("/") else: del request.session["attributes"] del request.session["jwt"] del request.session["jws"] django_logout(request) raise PermissionDenied # Error: Not for this audience except jwt.ExpiredSignature: del request.session["attributes"] del request.session["jwt"] del request.session["jws"] django_logout(request) raise PermissionDenied # Error: Security cookie has expired except Exception, e: logger.debug("rcauth() failed with: %s" % e) raise PermissionDenied
from os import getenv, path from pwgen import pwgen import sh def generate_page(ssid, pswd, address): home = getenv('HOME') template_path = path.join(home, 'screenly/templates/hotspot.html') with open(template_path) as f: template = Template(f.read()) context = { 'network': ssid, 'ssid_pswd': pswd, 'address': address } with open('/tmp/hotspot.html', 'w') as out_file: out_file.write(template.render(context=context)) if __name__ == "__main__": if not gateways().get('default'): ssid = 'ScreenlyOSE-{}'.format(pwgen(4, symbols=False)) ssid_password = pwgen(8, symbols=False) generate_page(ssid, ssid_password, 'screenly.io/wifi') wifi_connect = sh.sudo('wifi-connect', '-s', ssid, '-p', ssid_password, '-o', '9090') else: pass
def main(argv=sys.argv): if len(argv) != 3: usage(argv) config_uri = argv[1] try: num_users = int(argv[2]) except ValueError: usage(argv) setup_logging(config_uri) settings = get_appsettings(config_uri) config = Configurator(settings=settings) config.add_directive('set_password_context', set_password_context) db_session = init_sa(config) logger = logging.getLogger('speak_friend.createusers') if 'speak_friend.password_hasher' in settings: config.include(settings['speak_friend.password_hasher']) else: from passlib.apps import ldap_context config.set_password_context(context=ldap_context) # makes the password_context available on the registry config.commit() pass_ctx = config.registry.password_context user_num = 1 buf = StringIO() cols = ['username', 'first_name', 'last_name', 'email', 'password_hash', 'password_salt', 'login_attempts', 'admin_disabled', 'is_superuser'] csv_file = csv.DictWriter(buf, cols, delimiter='\t', lineterminator='\n') logger.info("Beginning to create %d users,", num_users) cxn = db_session.connection() cur = cxn.connection.cursor() user_num += 0 user_passwords = {} while user_num <= num_users: first_name = u'Test' last_name = pwgen(num_pw=1, pw_length=10, no_numerals=True, no_symbols=True) username = u'%s.%s' % (first_name, last_name) password = pwgen(num_pw=1, pw_length=20) user_passwords[username] = password csv_file.writerow(dict( username=username, first_name=first_name, last_name=last_name, email=u'*****@*****.**' % username, password_hash=pass_ctx.encrypt(password), password_salt='', login_attempts=0, admin_disabled=False, is_superuser=False, )) logger.info("Created user %s, %04d/%04d.", username, user_num, num_users) user_num += 1 logger.info("Committing...") tname = '%s.%s' % (UserProfile.__table__.schema, UserProfile.__table__.name) buf.seek(0) cur.copy_from(buf, tname, columns=cols) cxn.connection.commit() for uname, pw in user_passwords.items(): print uname, pw
def generate_password(length=12): return pwgen(int(length), no_capitalize=True, no_symbols=True)
def gen_root_pass(pass_length): cleartext_pass = pwgen(pass_length, no_symbols=True) return cleartext_pass
def preparePassword(accountList=None): """For the given accounts, prepare the passwords and the PDFs for the letters Arguments: - `accountList`: List of User objects Returns: - List of tuples: (user object, PDF file) """ from jinja2 import Template import codecs, subprocess r = [] # print "preparing passwords for: ", accountList for u in accountList: pw = pwgen(6, no_symbols=True, no_ambiguous=True) u.set_password(pw) u.save() r.append({'user': u, 'mitglied': u.mitglied, 'password': pw, 'status': u.mitglied.get_status_display(), 'geburtsdatum': u.mitglied.geburtsdatum.strftime('%d.%m.%Y'), }) # generate the PDF # assume the template is in templates templateText = EmailTemplate.objects.get(name='newUserLaTeX') # print templateText.content rendered = Template(templateText.content).render(dicts=r) # print rendered # and now process this via latex: f = codecs.open('letters.tex', 'w', 'utf-8') f.write(rendered) f.close() # TODO: use better file names, protect against race conditions retval = subprocess.call (["xelatex", '-interaction=batchmode', "letters.tex"]) ## retval = subprocess.call (["xelatex", ## '-interaction=batchmode', ## "letters.tex"]) # move this file into a directory where only Vorstand has access! # remove an older letter first; ignore errors here import shutil, os try: os.remove (os.path.join (SENDFILE_ROOT, 'letters.pdf')) except: pass shutil.move("letters.pdf", SENDFILE_ROOT) return r
def password_generator(): return pwgen(pw_length=25,no_symbols=True)