def write_user_file(username, password, admin, email, realname, git_username, git_password, git_2fa=False):
    """Create ``<prefix>users/<username>.ini`` and write the user's settings to it.

    After the fixed settings are written, a GitHub authorization for the
    ``repo`` scope is requested through ``github3.authorize``.  On success the
    returned token and id are appended to the same file.  Any exception raised
    in that step is swallowed, so the file may end without the ``git_*`` lines.

    ``git_2fa`` is only written to the file (lower-cased ``str``); it is not
    passed to ``github3.authorize``.

    NOTE(review): ``username`` is concatenated into the file path and the
    other arguments are written as ``key=value`` lines without escaping.  No
    validation is visible in this function, so callers presumably reject path
    separators and embedded newlines -- confirm.
    """
    #this is used to write information into a text file to serve as a debugging tool and log
    #change logging=True to start logging
    userdir = prefix + "users" + os.sep
    # Opened without a context manager: an exception raised by one of the
    # writes before the try block leaves the handle open.  No file mode is
    # requested, so the file gets the process default permissions.
    f = open(userdir + username + '.ini', "w")
    # NOTE(review): the expressions between the quotes on the next two lines
    # are masked ('******') in this listing, so how the username and password
    # are serialised cannot be reviewed from here.  Lines kept verbatim.
    f.write('username='******'\n')
    f.write('password='******'\n')
    f.write('realname=' + realname + '\n')
    f.write('admin=' + str(admin) + '\n')
    f.write('email=' + email + '\n')
    f.write('max-age=0' + '\n')
    f.write('editable=Yes' + '\n')
    # Fixed literals, not derived from any argument.
    f.write('numlogins = 85\nnumused = 2869\n')
    # get oauth token for github. Add current date to note since they need to be unique or an error will occur
    note = project + ", " + time.ctime()
    try:
        auth = github3.authorize(git_username, git_password, ['repo'], note, "")
        # Masked in this listing as well; kept verbatim.
        f.write('git_username='******'\n')
        # The token is written exactly as returned in auth.token; no encoding
        # is applied here, so read access to this file gives access to the token.
        f.write('git_token=' + auth.token + '\n')
        f.write('git_id=' + str(auth.id) + '\n') # in case we ever need to update authorizations
        f.write('git_2fa=' + str(git_2fa).lower() + '\n')
    except:
        # would be ideal to show an error, but just fail silently
        # The bare except also hides failures of the f.write calls above, not
        # only authorization errors.
        pass
    f.close()
def write_user_file(username, password, admin, email, realname, git_username, git_password):
    """Create ``<prefix>users/<username>.ini`` and write the user's settings to it.

    The file receives the account fields, two fixed counters, and the
    ``git_username`` / ``git_password`` entries.

    NOTE(review): a ``git_password`` entry is persisted in the user file.  The
    value expression is masked in this listing, so whether it is stored
    encoded or in clear cannot be told from here -- confirm.

    NOTE(review): ``username`` is concatenated into the file path and the
    other arguments are written as ``key=value`` lines without escaping.  No
    validation is visible in this function, so callers presumably reject path
    separators and embedded newlines -- confirm.
    """
    #this is used to write information into a text file to serve as a debugging tool and log
    #change logging=True to start logging
    userdir = prefix + "users" + os.sep
    # Opened without a context manager: an exception raised by any write
    # below leaves the handle open.  No file mode is requested, so the file
    # gets the process default permissions.
    f = open(userdir + username + '.ini', "w")
    # NOTE(review): the expressions between the quotes on the next two lines
    # are masked ('******') in this listing.  Lines kept verbatim.
    f.write('username='******'\n')
    f.write('password='******'\n')
    f.write('realname=' + realname + '\n')
    f.write('admin=' + str(admin) + '\n')
    f.write('email=' + email + '\n')
    f.write('max-age=0' + '\n')
    # Fixed literals, not derived from any argument.
    f.write('numlogins = 85\nnumused = 2869\n')
    # Masked in this listing as well; kept verbatim.
    f.write('git_username='******'\n')
    f.write('git_password='******'\n')
    f.close()
def encodestring(username, password):
    """Build the encoded cookie string for *username* that decodecookie reads.

    A fresh 10-character random string is generated and the SHA-1 hex digest
    of ``password + random string`` is computed.  The username, the digest and
    the random string are joined with ``||`` and passed through ``pass_enc``
    with the day number and timestamp enabled.
    """
    # NOTE(review): the random string travels in the same value as the digest,
    # and a single SHA-1 round is fast to compute.  If pass_enc is only an
    # encoding, anyone holding the cookie can test password guesses offline --
    # confirm what protection pass_enc gives the payload.
    salt = randomstring(10)
    digest = hashlib.sha1(password + salt).hexdigest()
    cookie_fields = [username, digest, salt]
    return pass_enc('||'.join(cookie_fields), daynumber=True, timestamp=True)
def doeditaccount(theform, userconfig, userdir, thisscript, action, newcookie):
    """Validate an edit-account form submission and persist the accepted changes.

    Each failed check calls ``display_edit`` with an error message.  The code
    that follows each call only makes sense if ``display_edit`` does not
    return (presumably it ends the request) -- confirm.

    Returns the tuple ``(action, userconfig, newcookie)``.  ``newcookie`` is
    replaced by a fresh cookie when the password was changed.
    """
    from modules.dataenc import pass_enc, pass_dec

    if theform['login'].value != 'doeditaccountnojs':
        # only type of newlogin supported so far
        sys.exit()

    submitted = theform.keys()
    wanted = submitted + [key for key in edacckeys if key not in submitted]
    formdict = getform(wanted, theform, nolist=True)

    def reject(msg):
        # Re-display the edit form with *msg*, using the current request state.
        display_edit(formdict, userdir, thisscript, msg, action, newcookie, userconfig)

    # NOTE(review): salt="" asks for an empty salt so the hash of the submitted
    # password can be compared to the stored one by equality.  Equal passwords
    # then presumably produce equal stored hashes -- confirm.
    current_hash = pwd_context.hash(formdict['pass0'], salt="")
    stored_hash = pass_dec(userconfig['password'])[0]
    new_pass = formdict['pass1']
    new_pass_again = formdict['pass2']
    # True only when a current password was supplied and it matches the stored hash.
    password_confirmed = bool(current_hash) and current_hash == stored_hash

    email = validateemail(formdict)
    previous_email = userconfig['email']
    if not email:
        reject('The email address you supplied appears to be invalid.')
    if email != previous_email and not password_confirmed:
        reject('You must correctly enter your password to change your email address.')
    userconfig['email'] = email

    if not formdict['realname']:
        reject('You need to enter a name for us to use.')
    userconfig['realname'] = formdict['realname']

    if new_pass or new_pass_again:
        if new_pass != new_pass_again:
            reject("The two passwords don't match.")
        # NOTE(review): the check accepts exactly 5 characters although the
        # message says "longer than 5" -- confirm which one is intended.
        if len(new_pass) < 5:
            reject("The password must be longer than 5 characters.")
        if not password_confirmed:
            reject('You must correctly enter your current password to change it.')
        new_hash = pwd_context.hash(new_pass, salt="")
        userconfig['password'] = pass_enc(new_hash, daynumber=True, timestamp=True)
        cookiepath = ConfigObj(userdir + 'config.ini')['cookiepath']
        newcookie = makecookie(userconfig, new_hash, cookiepath)

    # NOTE(review): every submitted field whose name is not in edacckeys is
    # copied into the stored user record.  Confirm that edacckeys (defined
    # elsewhere) or getform keeps privileged keys such as 'admin' and
    # 'password' out of this loop.
    for field in formdict:
        if field not in edacckeys:
            userconfig[field] = formdict[field]
    userconfig.write()
    return action, userconfig, newcookie
    # XXXXX display values changed page
def confirm(theform, userdir, thisscript):
    """Confirm a login, either from an invite or from a user who has registered.

    The ``id`` form field is decoded with ``pass_dec`` and used as a key into
    ``temp.ini``.  The matching pending entry is removed from the temp store,
    a new ``<username>.ini`` is created from ``default.ini`` plus the stored
    values, a ``userid`` cookie is built, and the admin is mailed when
    ``adminmail`` is configured.

    Returns ``(action, newconfig, cookie_header)``, where the header is the
    output of ``SimpleCookie.output()``.

    NOTE(review): the code after each ``newloginfail()`` call only makes
    sense if that function does not return (presumably it ends the request)
    -- confirm.
    """
    from modules.dataenc import pass_dec, pass_enc
    from login import encodestring
    # Assigned but never read in this function.
    fail = False
    try:
        # daynumber and timestamp are decoded but not used below, so no age
        # check on the confirmation id happens in this function.
        theval, daynumber, timestamp = pass_dec(theform['id'].value)
    except:
        # FIXME: bare except....
        newloginfail()
    tempstore = ConfigObj(userdir + 'temp.ini')
    if not tempstore.has_key(theval):
        newloginfail()
    uservals = tempstore[theval]
    # The entry is consumed here, so a confirmation id works once.
    del tempstore[theval]
    username = uservals['username']
    if username in tempstore['pending']:
        tempstore['pending'].remove(username)
    tempstore.write()
    #
    newconfig = ConfigObj(userdir + 'default.ini')
    # NOTE(review): username comes from the temp store and is used in a file
    # path without validation here; confirm it was restricted at registration.
    newpath = userdir + username + '.ini'
    # Refuse to overwrite an existing account file.
    if os.path.isfile(newpath):
        newloginfail()
    newconfig.filename = newpath
    # FIXME: should this be '' ?
    action = None
    for entry in uservals:
        if entry == 'action':
            action = uservals[entry]
        elif entry == 'password':
            # 'password' is bound only if the temp entry has this key; the
            # encodestring call below raises NameError otherwise.
            password = uservals[entry]
            # NOTE(review): the value is stored as pass_enc returns it.  If
            # pass_enc is reversible (pass_dec is used above to decode the
            # id), the stored password is recoverable -- confirm.
            newconfig[entry] = pass_enc(password, timestamp=True, daynumber=True)
        else:
            newconfig[entry] = uservals[entry]
    newconfig.write()
    #
    # next we need to create the cookie header to return it
    from Cookie import SimpleCookie
    thecookie = SimpleCookie()
    thecookie['userid'] = encodestring(newconfig['username'], password)
    config = ConfigObj(userdir + 'config.ini')
    maxage = newconfig['max-age']
    cookiepath = config['cookiepath']
    if maxage and int(maxage): # possible cause of error here if the maxage value in a users file isn't an integer !!
        thecookie['userid']['max-age'] = int(maxage)
    if cookiepath:
        thecookie['userid']['path'] = cookiepath
    # Only max-age and path are set on the cookie; no 'secure' or 'httponly'
    # attribute is set here.
    if config['adminmail']:
        msg = 'A new user has created a login - "%s".\n\n' % thisscript
        # Every stored entry except 'password' is included in the mail body.
        for entry in newconfig:
            if entry != 'password':
                msg += entry + ' : ' + newconfig[entry] + '\n'
        # FIXME: should be mailme
        sendmailme(config['adminmail'], msg, config['email_subject'], config['adminmail'], html=False)
    return action, newconfig, thecookie.output()
def createuser(userdir, realname, username, email, password, adminlev):
    """Create the ``<username>.ini`` account file from ``default.ini``.

    The defaults are loaded, the account fields are set in a fixed order, the
    password is stored as returned by ``pass_enc`` (timestamp and day number
    enabled), and the file is written to ``userdir + username + '.ini'``.
    """
    from time import time
    from modules.dataenc import pass_enc
    from modules.configobj import ConfigObj

    record = ConfigObj(userdir + 'default.ini')
    # XXXX this does no checking that the name is valid and doesn't already exist !!
    # NOTE(review): as a result an existing account file is overwritten, and
    # username reaches the file path unvalidated -- callers must check both.
    record.filename = userdir + username + '.ini'
    fields = (
        ('username', username),
        ('realname', realname),
        ('email', email),
        ('admin', adminlev),
        ('password', pass_enc(password, timestamp=True, daynumber=True)),
        ('created', str(time())),
    )
    # Assigned in this order so the keys are set in the same sequence as before.
    for key, value in fields:
        record[key] = value
    record.write()
def createuser(userdir, realname, username, email, password, adminlev):
    """Write a new user's ``.ini`` file, starting from the ``default.ini`` template.

    Sets username, realname, email, admin level, the ``pass_enc``-encoded
    password and a ``created`` timestamp, then saves the result as
    ``userdir + username + '.ini'``.
    """
    from time import time
    from modules.dataenc import pass_enc
    from modules.configobj import ConfigObj

    target_path = userdir + username + '.ini'
    account = ConfigObj(userdir + 'default.ini')
    # XXXX this does no checking that the name is valid and doesn't already exist !!
    # NOTE(review): an existing file at target_path is replaced, and username
    # is not validated before it becomes part of the path -- callers must
    # enforce both.
    account.filename = target_path
    encoded_password = pass_enc(password, timestamp=True, daynumber=True)
    created_at = str(time())
    account.update_order = None  # placeholder removed below; see assignments
    del account.update_order
    for key, value in (
        ('username', username),
        ('realname', realname),
        ('email', email),
        ('admin', adminlev),
        ('password', encoded_password),
        ('created', created_at),
    ):
        account[key] = value
    account.write()
def doeditaccount(theform, userconfig, userdir, thisscript, action, newcookie):
    """Validate an edit-account form submission and persist the accepted changes.

    Each failed check calls ``display_edit`` with an error message.  The code
    that follows each call only makes sense if ``display_edit`` does not
    return (presumably it ends the request) -- confirm.

    Returns the tuple ``(action, userconfig, newcookie)``.  ``newcookie`` is
    replaced by a fresh cookie when the password was changed.
    """
    from modules.dataenc import pass_enc, pass_dec

    if theform['login'].value != 'doeditaccountnojs':
        # only type of newlogin supported so far
        sys.exit()

    submitted = theform.keys()
    wanted = submitted + [key for key in edacckeys if key not in submitted]
    formdict = getform(wanted, theform, nolist=True)

    def reject(msg):
        # Re-display the edit form with *msg*, using the current request state.
        display_edit(formdict, userdir, thisscript, msg, action, newcookie, userconfig)

    current_pass = formdict['pass0']
    # NOTE(review): the submitted password is compared directly with the value
    # pass_dec recovers from the user file, so the stored password is
    # recoverable by anyone who can read that file and run pass_dec.
    stored_pass = pass_dec(userconfig['password'])[0]
    new_pass = formdict['pass1']
    new_pass_again = formdict['pass2']
    # True only when a current password was supplied and it matches the stored one.
    password_confirmed = bool(current_pass) and current_pass == stored_pass

    email = validateemail(formdict)
    previous_email = userconfig['email']
    if not email:
        reject('The email address you supplied appears to be invalid.')
    if email != previous_email and not password_confirmed:
        reject('You must correctly enter your password to change your email address.')
    userconfig['email'] = email

    if not formdict['realname']:
        reject('You need to enter a name for us to use.')
    userconfig['realname'] = formdict['realname']

    if new_pass or new_pass_again:
        if new_pass != new_pass_again:
            reject("The two passwords don't match.")
        # NOTE(review): the check accepts exactly 5 characters although the
        # message says "longer than 5" -- confirm which one is intended.
        if len(new_pass) < 5:
            reject("The password must be longer than 5 characters.")
        if not password_confirmed:
            reject('You must correctly enter your current password to change it.')
        userconfig['password'] = pass_enc(new_pass, daynumber=True, timestamp=True)
        cookiepath = ConfigObj(userdir+'config.ini')['cookiepath']
        newcookie = makecookie(userconfig, new_pass, cookiepath)

    # NOTE(review): every submitted field whose name is not in edacckeys is
    # copied into the stored user record.  Confirm that edacckeys (defined
    # elsewhere) or getform keeps privileged keys such as 'admin' and
    # 'password' out of this loop.
    for field in formdict:
        if field not in edacckeys:
            userconfig[field] = formdict[field]
    userconfig.write()
    return action, userconfig, newcookie
    # XXXXX display values changed page
def update_password(user, new_pass):
    """Rewrite ``users/<user>.ini`` with a new ``password`` line.

    The file is read in full and split into lines; each non-empty line whose
    key part starts with ``password`` is treated as the password entry.

    NOTE(review): the middle of this function is masked ('******') in this
    listing.  How ``new_pass`` is encoded, how ``new_file`` is filled, and the
    start of the statement that truncates the file are not visible, so they
    cannot be reviewed from here.
    """
    # NOTE(review): user is concatenated into the path without validation here.
    f = open(prefix + 'users' + os.sep + user + '.ini', 'r')
    ff = f.read().split('\n')
    f.close()
    new_file = []
    for line in ff:
        if line != '':
            line_split = line.split('=')
            # startswith matches any key that begins with 'password', not only
            # the exact key 'password'.
            if line_split[0].strip().startswith('password'):
                # Masked span: this line is kept verbatim and is not valid
                # Python as shown.
                newline = 'password = '******'users' + os.sep + user + '.ini', 'w').close()
    # NOTE(review): the read above uses prefix + 'users' + os.sep, but this
    # reopen uses the relative path 'users/' -- confirm both resolve to the
    # same file for every working directory.
    g = open('users/' + user + '.ini', 'a')
    for l in new_file:
        g.write(l + '\n')
    g.close()
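def savedetails(userdir, formdict, action=None):
    """
    Save the details of a validated new login to the temporary store.

    Entries are keyed by 4 random characters followed by the day number on
    which they were created.  Entries older than 30 days that were never
    confirmed are removed first, together with their name in ``pending``.

    Returns the new entry's key passed through ``pass_enc`` (timestamp and day
    number enabled), for use as the confirmation id.
    """
    from modules.dateutils import returndate, daycount
    from modules.dataenc import pass_enc
    #
    tempstore = ConfigObj(userdir + 'temp.ini')
    if action:
        formdict['action'] = action
    year, month, day = returndate()
    today = daycount(year, month, day)
    #
    # Expire stale entries.  The previous test, int(section[4:]) > today + 30,
    # only matched entries dated more than 30 days in the FUTURE, so
    # unconfirmed registrations and their stored credentials were never
    # removed.  Assumes daycount grows by one per day -- confirm.
    # Iterate over a copy because entries are deleted inside the loop.
    for section in list(tempstore):
        stamp = section[4:]
        if not stamp.isdigit():
            continue
        if today > int(stamp) + 30:
            name = tempstore[section]['username']
            # Guarded so a missing 'pending' list or name cannot abort the cleanup.
            if tempstore.has_key('pending') and name in tempstore['pending']:
                tempstore['pending'].remove(name)
            del tempstore[section]
    #
    # NOTE(review): the confirmation key is 4 random characters plus the day
    # number.  Its unguessability rests on randomstring and pass_enc, both
    # defined elsewhere -- confirm they are suitable for a confirmation token.
    ran = randomstring(4)
    while tempstore.has_key(ran + str(today)):
        ran = randomstring(4)
    key = ran + str(today)
    tempstore[key] = {}
    store = tempstore[key]
    for entry in formdict:
        if entry in ('pass1', 'pass2'):
            # NOTE(review): salt="" asks for an empty salt, so equal passwords
            # presumably produce equal hashes.  Left unchanged because the
            # stored value must stay compatible with the code that checks it.
            store['password'] = pwd_context.hash(formdict[entry], salt="")
        elif entry == 'login':
            pass
        else:
            store[entry] = formdict[entry]
    if not tempstore.has_key('pending'):
        tempstore['pending'] = []
    tempstore['pending'].append(formdict['username'])
    tempstore.write()
    return pass_enc(key, timestamp=True, daynumber=True)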
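def savedetails(userdir, formdict, action=None):
    """
    Save the details of a validated new login to the temporary store.

    Entries are keyed by 4 random characters followed by the day number on
    which they were created.  Entries older than 30 days that were never
    confirmed are removed first, together with their name in ``pending``.

    Returns the new entry's key passed through ``pass_enc`` (timestamp and day
    number enabled), for use as the confirmation id.
    """
    from modules.dateutils import returndate, daycount
    from modules.dataenc import pass_enc
    #
    tempstore = ConfigObj(userdir + 'temp.ini')
    if action:
        formdict['action'] = action
    year, month, day = returndate()
    today = daycount(year, month, day)
    #
    # Expire stale entries.  The previous test, int(section[4:]) > today + 30,
    # only matched entries dated more than 30 days in the FUTURE, so
    # unconfirmed registrations and their stored passwords were never removed.
    # Assumes daycount grows by one per day -- confirm.
    # Iterate over a copy because entries are deleted inside the loop.
    for section in list(tempstore):
        stamp = section[4:]
        if not stamp.isdigit():
            continue
        if today > int(stamp) + 30:
            name = tempstore[section]['username']
            # Guarded so a missing 'pending' list or name cannot abort the cleanup.
            if tempstore.has_key('pending') and name in tempstore['pending']:
                tempstore['pending'].remove(name)
            del tempstore[section]
    #
    # NOTE(review): the confirmation key is 4 random characters plus the day
    # number.  Its unguessability rests on randomstring and pass_enc, both
    # defined elsewhere -- confirm they are suitable for a confirmation token.
    ran = randomstring(4)
    while tempstore.has_key(ran+str(today)):
        ran = randomstring(4)
    key = ran+str(today)
    tempstore[key] = {}
    store = tempstore[key]
    for entry in formdict:
        if entry in ('pass1', 'pass2'):
            # NOTE(review): the password is written to temp.ini exactly as
            # submitted and stays there until the entry is confirmed or
            # expires.  Left unchanged because the confirmation step reads
            # this value -- hash it in both places together.
            store['password'] = formdict[entry]
        elif entry == 'login':
            pass
        else:
            store[entry] = formdict[entry]
    if not tempstore.has_key('pending'):
        tempstore['pending'] = []
    tempstore['pending'].append(formdict['username'])
    tempstore.write()
    return pass_enc(key, timestamp=True, daynumber=True)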
def gitdox_migrate_userconfig(o, config):
    """Upgrade a user config object to the scheme used after GitDox 0.9.1.

    Two independent migrations are applied:

    1. If the decoded ``password`` does not start with ``$6$rounds=656000$$``
       it is treated as not yet hashed, then hashed, re-encoded and saved.
    2. If non-empty ``git_password`` and ``git_username`` entries exist, a
       GitHub authorization is requested.  On success the token and id are
       stored, ``git_password`` is deleted and the config is saved.
    """
    stored_secret, _, _ = pass_dec(o['password'])
    # The prefix check is the only test for "already migrated".
    # NOTE(review): the prefix ends in '$$', i.e. an empty salt, matching
    # salt="" below.  Equal passwords then presumably share one hash -- confirm.
    if not stored_secret.startswith('$6$rounds=656000$$'):
        o['password'] = pass_enc(pwd_context.hash(stored_secret, salt=""))
        o.write()

    # Guard clauses keep the original short-circuit order of the checks.
    if 'git_password' not in o or o['git_password'] == "":
        return
    if 'git_username' not in o or o['git_username'] == "":
        return

    git_secret = pass_dec(o['git_password'])[0]
    git_login = o['git_username']
    note = config['project'] + ", " + ctime()
    try:
        auth = github3.authorize(git_login, git_secret, ['repo'], note, "")
        o['git_token'] = auth.token
        o['git_id'] = auth.id
        del o['git_password']
        o.write()
    except:
        # fail silently
        # NOTE(review): on any failure git_password stays in the user file and
        # nothing is logged, so an incomplete migration is invisible.
        pass
def confirm(theform, userdir, thisscript):
    """Confirm a login, either from an invite or from a user who has registered.

    The ``id`` form field is decoded with ``pass_dec`` and used as a key into
    ``temp.ini``.  The matching pending entry is removed from the temp store,
    a new ``<username>.ini`` is created from ``default.ini`` plus the stored
    values, a ``userid`` cookie is built, and the admin is mailed when
    ``adminmail`` is configured.

    Returns ``(action, newconfig, cookie_header)``, where the header is the
    output of ``SimpleCookie.output()``.

    NOTE(review): the code after each ``newloginfail()`` call only makes
    sense if that function does not return (presumably it ends the request)
    -- confirm.
    """
    from modules.dataenc import pass_dec, pass_enc
    from login import encodestring
    # Assigned but never read in this function.
    fail = False
    try:
        # daynumber and timestamp are decoded but not used below, so no age
        # check on the confirmation id happens in this function.
        theval, daynumber, timestamp = pass_dec(theform['id'].value)
    except:
        # FIXME: bare except....
        newloginfail()
    tempstore = ConfigObj(userdir + 'temp.ini')
    if not tempstore.has_key(theval):
        newloginfail()
    uservals = tempstore[theval]
    # The entry is consumed here, so a confirmation id works once.
    del tempstore[theval]
    username = uservals['username']
    if username in tempstore['pending']:
        tempstore['pending'].remove(username)
    tempstore.write()
    #
    newconfig = ConfigObj(userdir + 'default.ini')
    # NOTE(review): username comes from the temp store and is used in a file
    # path without validation here; confirm it was restricted at registration.
    newpath = userdir + username + '.ini'
    # Refuse to overwrite an existing account file.
    if os.path.isfile(newpath):
        newloginfail()
    newconfig.filename = newpath
    # FIXME: should this be '' ?
    action = None
    for entry in uservals:
        if entry == 'action':
            action = uservals[entry]
        elif entry == 'password':
            # 'password' is bound only if the temp entry has this key; the
            # hash call after the loop raises NameError otherwise.
            password = uservals[entry]
            # NOTE(review): confirm the temp-store value is the plaintext and
            # not already a hash, otherwise it is hashed twice here.
            # salt="" asks for an empty salt, so equal passwords presumably
            # produce equal hashes -- confirm.
            pwd_hash = pwd_context.hash(password, salt="")
            newconfig[entry] = pass_enc(pwd_hash, timestamp=True, daynumber=True)
        else:
            newconfig[entry] = uservals[entry]
    newconfig.write()
    #
    # next we need to create the cookie header to return it
    from Cookie import SimpleCookie
    thecookie = SimpleCookie()
    # Recomputed instead of reusing the loop's value; presumably the same
    # result, given the fixed empty salt.
    pwd_hash = pwd_context.hash(password, salt="")
    # NOTE(review): the cookie value is built from the password hash itself,
    # so the stored hash acts as a login credential -- confirm what pass_enc
    # protects.
    thecookie['userid'] = encodestring(newconfig['username'], pwd_hash)
    config = ConfigObj(userdir + 'config.ini')
    maxage = newconfig['max-age']
    cookiepath = config['cookiepath']
    if maxage and int(maxage):  # possible cause of error here if the maxage value in a users file isn't an integer !!
        thecookie['userid']['max-age'] = int(maxage)
    if cookiepath:
        thecookie['userid']['path'] = cookiepath
    # Only max-age and path are set on the cookie; no 'secure' or 'httponly'
    # attribute is set here.
    if config['adminmail']:
        msg = 'A new user has created a login - "%s".\n\n' % thisscript
        # Every stored entry except 'password' is included in the mail body.
        for entry in newconfig:
            if entry != 'password':
                msg += entry + ' : ' + newconfig[entry] + '\n'
        # FIXME: should be mailme
        sendmailme(config['adminmail'], msg, config['email_subject'], config['adminmail'], html=False)
    return action, newconfig, thecookie.output()
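# Reset the password stored for the `admin` user in users/admin.ini.
import getpass
import sys

from modules.dataenc import pass_enc
from passlib.apps import custom_app_context
from modules.configobj import ConfigObj

PROMPT = "Enter a password for user `admin`:\n"

if sys.stdin.isatty():
    # Interactive use: read the password without echoing it to the terminal.
    p = getpass.getpass(PROMPT)
else:
    # Piped input keeps working as before.  The earlier `if raw_input:` test
    # raised NameError on Python 3, where raw_input does not exist.  On
    # Python 2 raw_input is required because input() evaluates what is typed.
    try:
        read_line = raw_input  # Python 2
    except NameError:
        read_line = input  # Python 3
    p = read_line(PROMPT)

if not p:
    # An empty line would otherwise silently set an empty admin password.
    sys.exit("Could not change password for admin: empty password.")

try:
    admin = ConfigObj('users/admin.ini')
    # NOTE(review): salt="" asks for an empty salt, so equal passwords
    # presumably produce equal hashes.  Left unchanged because the stored
    # value must stay compatible with the code that verifies logins -- confirm.
    admin['password'] = pass_enc(custom_app_context.hash(p, salt=""))
    admin.write()
    print("Successfully changed password for admin.")
except Exception:
    print("Could not change password for admin.")
    # Bare raise keeps the original traceback.
    raise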
def encodestring(username, pwd_hash):
    """Build the encoded cookie string for *username* that decodecookie reads.

    The payload is ``username||pwd_hash`` passed through ``pass_enc`` with the
    day number and timestamp enabled.
    """
    # NOTE(review): the password hash itself is placed in the cookie payload,
    # so the stored hash acts as a login credential.  Confirm whether pass_enc
    # gives confidentiality and integrity or is only an encoding.
    payload = '||'.join((username, pwd_hash))
    return pass_enc(payload, daynumber=True, timestamp=True)