def get_user_by_username_and_password(self, username: str, password: str) -> dict: """ Try to find a user and check the password. If a match is found, create a dict that contains the username, the userlevel, the timestamp of login and the timestamp of the last access. :param username: The username :param password: The password :return: The described dict or None on invalid credentials or inactive user account. """ if username is None: return None if password is None: return None if not UserManager.username_regex.match(username): return None user_section = 'User:{:s}'.format(username) if not user_section in self.__config.sections(): return None section = self.__config[user_section] level = 'level' in section and section['level'] or None salt = 'salt' in section and section['salt'] or None saved_password = '******' in section and section['password'] or None enabled = 'enabled' in section and section['enabled'] or None if level is None or enabled is None: return None if enabled.lower() != 'yes': return None password_to_compare = hash_password(password, salt=salt, secret=self.secret) if password_to_compare != saved_password: return None return dict(username=username, level=level, timestamp=time.time(), last_access=time.time())
def __init__(self): """ Load the user basic configuration from the users.ini file. :raise IOError: When there can be no users.ini can be loaded or created. """ self.__conf_file = FsTools.get_config_file('users.ini') config = configparser.ConfigParser() config.read(self.__conf_file) config_changed = False if not '_Config_' in config.sections(): config.add_section('_Config_') config.set('_Config_', 'secret', create_salt()) config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() config_changed = False if not 'secret' in config['_Config_']: config.set('_Config_', 'secret', create_salt()) config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() config_changed = False if len(config.sections()) < 1: raise IOError('Invalid configuration in "{:s}"'.format( self.__conf_file)) self.secret = config['_Config_']['secret'] if len(config.sections()) == 1: # No std user! config.add_section('User:arobito') config.set('User:arobito', 'level', 'Administrator') salt = create_salt() config.set('User:arobito', 'salt', salt) config.set('User:arobito', 'password', hash_password('arobito', salt=salt, secret=self.secret)) config.set('User:arobito', 'enabled', 'yes') config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() self.__config = config
def __init__(self): """ Load the user basic configuration from the users.ini file. :raise IOError: When there can be no users.ini can be loaded or created. """ self.__conf_file = FsTools.get_config_file('users.ini') config = configparser.ConfigParser() config.read(self.__conf_file) config_changed = False if not '_Config_' in config.sections(): config.add_section('_Config_') config.set('_Config_', 'secret', create_salt()) config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() config_changed = False if not 'secret' in config['_Config_']: config.set('_Config_', 'secret', create_salt()) config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() config_changed = False if len(config.sections()) < 1: raise IOError('Invalid configuration in "{:s}"'.format(self.__conf_file)) self.secret = config['_Config_']['secret'] if len(config.sections()) == 1: # No std user! config.add_section('User:arobito') config.set('User:arobito', 'level', 'Administrator') salt = create_salt() config.set('User:arobito', 'salt', salt) config.set('User:arobito', 'password', hash_password('arobito', salt=salt, secret=self.secret)) config.set('User:arobito', 'enabled', 'yes') config_changed = True if config_changed: with open(self.__conf_file, 'w') as fh: config.write(fh) fh.flush() fh.close() self.__config = config