def init_admin(config):
from . import ziladmin
from zilpool.pyzil import crypto
from zilpool.common.mail import EmailClient
EmailClient.set_config(config)
admin_emails = config["pool"]["admins"]
for email in admin_emails:
admin = ziladmin.ZilAdmin.get_one(email=email)
if not admin:
logging.critical("init admin database")
password = crypto.rand_string(8)
admin = ziladmin.ZilAdmin.create(email, password)
if not admin:
raise RuntimeError("Failed to create admin database")
print(f"generate admin password: {password}")
print(f"send mail to {email}")
EmailClient.send_admin_mail(
email,
subject="password generated",
msg=f"admin email: {email}\npassword: {password}")
def test_sign_verify(self):
for i in range(10):
key = crypto.ZilKey.generate_key_pair()
l = 1 + i * 512
msg = crypto.rand_bytes(l) + crypto.rand_string(l).encode()
signature = key.sign(msg)
assert key.verify(signature, msg)
def encrypt_password(password, salt=None, sep=SALT_SEP):
assert isinstance(password, str)
if salt is None:
salt = crypto.rand_string(8)
digest = f"{salt}{sep}{password}"
salt_bytes = salt.encode()
for i in range(10):
digest = hashlib.sha256(salt_bytes + digest.encode()).hexdigest()
return f"{salt}{sep}{digest}"
def create_token(cls, action, ext_data=None, expire_secs=24*60*60):
assert action in AdminActions
if ext_data is None:
ext_data = {}
data_hash = cls.calc_hash(ext_data)
token = crypto.rand_string(8) + data_hash
expire_time = datetime.utcnow() + timedelta(seconds=expire_secs)
admin_token = cls(token=token, expire_time=expire_time, finished=False,
action=action, ext_data=ext_data)
admin_token = admin_token.save()
return admin_token and admin_token.token
async def admin_generate_password(request, email: str):
admin = ZilAdmin.get_one(email=email)
if not admin:
return False
password = crypto.rand_string(8)
if not admin.change_password(password=password):
return False
logging.critical(f"Re-generate admin password for {admin.email}: {password}")
logging.critical(f"send mail to {admin.email}")
EmailClient.set_config(config)
EmailClient.send_admin_mail(
admin.email,
subject="password generated",
msg=f"admin email: {admin.email}\npassword: {password}"
)
return True
def create_visa(self, expire_secs=30*60):
visa = crypto.rand_string(8)
visa_expire_time = datetime.utcnow() + timedelta(seconds=expire_secs)
if not self.update(visa=visa, visa_expire_time=visa_expire_time):
return None
return self
def create_visa(self, expire_secs=30*60, ext_data=""):
visa = crypto.rand_string(self.VISA_LENGTH) + ext_data
visa_expire_time = datetime.utcnow() + timedelta(seconds=expire_secs)
if not self.update(visa=visa, visa_expire_time=visa_expire_time):
return None
return self