def clean_auth() -> Iterator[None]: """ clean_auth is a session-level fixture that ensures that we run tests with no preconfigured authentication, and that any settings we save during tests are cleaned up afterwards. """ authentication.TokenStore(conf.make_master_url()).delete_token_cache() yield None authentication.TokenStore(conf.make_master_url()).delete_token_cache()
def change_password(parsed_args: Namespace) -> None: if parsed_args.target_user: username = parsed_args.target_user elif parsed_args.user: username = parsed_args.user else: username = authentication.must_cli_auth().get_session_user() if not username: # The default user should have been set by now by autologin. print( colored("Please log in as an admin or user to change passwords", "red")) return password = getpass.getpass("New password for user '{}': ".format(username)) check_password = getpass.getpass("Confirm password: "******"Passwords do not match", "red")) return # Hash the password to avoid sending it in cleartext. password = api.salt_and_hash(password) update_user(username, parsed_args.master, password=password) # If the target user's password isn't being changed by another user, reauthenticate after # password change so that the user doesn't have to do so manually. if parsed_args.target_user is None: token_store = authentication.TokenStore(parsed_args.master) token = authentication.do_login(parsed_args.master, username, password) token_store.set_token(username, token) token_store.set_active(username)
def do_GET(self) -> None: try: """Serve a GET request.""" token = parse_qs(urlparse(self.path).query)["token"][0] tmp_auth = {"Cookie": "auth={token}".format(token=token)} me = api.get(master_url, "/users/me", headers=tmp_auth, authenticated=False).json() token_store = authentication.TokenStore(master_url) token_store.set_token(me["username"], token) token_store.set_active(me["username"]) print("Authenticated as {}.".format(me["username"])) self.send_response(200) self.send_header("Content-type", "text/html") self.end_headers() self.wfile.write(b"You can close this window now.") close_cb(0) except Exception as e: print("Error authenticating: {}.".format(e)) close_cb(1)
def log_in_user(parsed_args: Namespace) -> None: if parsed_args.username is None: username = input("Username: "******"Password for user '{}': ".format(username) # In order to not send clear-text passwords, we hash the password. password = api.salt_and_hash(getpass.getpass(message)) token_store = authentication.TokenStore(parsed_args.master) token = authentication.do_login(parsed_args.master, username, password) token_store.set_token(username, token) token_store.set_active(username)
def log_out_user(parsed_args: Namespace) -> None: auth = authentication.cli_auth if auth is None: return try: api.post( parsed_args.master, "logout", headers={ "Authorization": "Bearer {}".format(auth.get_session_token()) }, authenticated=False, ) except api.errors.APIException as e: if e.status_code != 401: raise e token_store = authentication.TokenStore(parsed_args.master) token_store.drop_user(auth.get_session_user())