def authenticate(self, username, password):
try:
user = User.objects.get(jid=username)
if backend.check_password(user.username, user.domain, password):
return user
except User.DoesNotExist:
pass
def handle_key(self, key, form):
username = key.user.username
domain = key.user.domain
password = form.cleaned_data['password']
if not backend.check_password(username=username, domain=domain, password=password):
raise UserNotFound()
def authenticate(self, username, password):
try:
user = User.objects.get(email=username)
if backend.check_password(user.username, user.domain, password):
return user
except User.DoesNotExist:
pass
def test_gen_passwords(self):
path = os.path.join(self.base, 'users3.json')
with capture() as (stdout, stderr):
restauth_import(['--gen-passwords', path])
output = stdout.getvalue()
self.assertHasLine(output, r'^\* %s: Generated password: .*' % username1)
password = re.search('Generated password: (.*)', output).groups()[0]
self.assertTrue(backend.check_password(user=username1, password=password))
def handle_key(self, key, form):
username = key.user.username
domain = key.user.domain
password = form.cleaned_data['password']
if not backend.check_password(
username=username, domain=domain, password=password):
raise UserNotFound()
def test_users_django_hash(self, overwrite=False):
path = os.path.join(self.base, 'users5.json')
with capture() as (stdout, stderr):
cmd = [path]
if overwrite:
cmd = ['--overwrite-properties', path]
with override_settings(PASSWORD_HASHERS=PASSWORD_HASHERS):
restauth_import(cmd)
self.assertHasLine(stdout, r'^\* %s: Set hash from input data\.$' % username3)
self.assertTrue(backend.check_password(user=username3, password='******'))
self.assertCountEqual(backend.list_users(), [username3])
def get_user(self, data):
username = data['username']
domain = data['domain']
try:
user = User.objects.has_email().get_user(username, domain)
except User.DoesNotExist:
raise UserNotFound()
if not backend.check_password(username=username, domain=domain, password=data['password']):
raise UserNotFound()
return user
def get_user(self, data):
username = data['username']
domain = data['domain']
try:
user = User.objects.has_email().get_user(username, domain)
except User.DoesNotExist:
raise UserNotFound()
if not backend.check_password(
username=username, domain=domain, password=data['password']):
raise UserNotFound()
return user
def post(self, request, largs, name):
"""Verify a users password."""
if not request.user.has_perm('Users.user_verify_password'):
return HttpResponseForbidden()
# If BadRequest: 400 Bad Request
password, groups = self._parse_post(request)
if groups is not None:
groups = [(group, request.user) for group in groups]
if backend.check_password(user=name, password=password, groups=groups):
return HttpResponseNoContent()
else:
raise UserNotFound(name)
def handle_key(self, key, form):
if not backend.check_password(username=key.user.username,
domain=key.user.domain,
password=form.cleaned_data['password']):
raise UserNotFound()
data = json.loads(key.payload)
key.user.gpg_fingerprint = data.get('gpg_fingerprint')
key.user.confirmed = now()
if 'email' in data: # set email from payload (might not be present in old keys)
key.user.email = data['email']
key.user.save()
backend.set_email(username=key.user.username,
domain=key.user.domain,
email=key.user.email)
def get_user(self, data):
"""User may or may not exist."""
username = data['username']
domain = data['domain']
jid = '%s@%s' % (data['username'], data['domain'])
password = data['password']
if not backend.check_password(
username=username, domain=domain, password=password):
raise UserNotFound()
# Defaults are only used for *new* User objects. If they aren't in the database already,
# it means they registered through InBand-Registration.
defaults = {
'email': data['email'],
'registration_method': REGISTRATION_INBAND,
}
user, created = User.objects.get_or_create(jid=jid, defaults=defaults)
return user
def test_users(self, overwrite=False):
path = os.path.join(self.base, 'users1.json')
cmd = [path]
if overwrite:
cmd = ['--overwrite-properties', path]
with capture() as (stdout, stderr):
with override_settings(PASSWORD_HASHERS=PASSWORD_HASHERS):
restauth_import(cmd)
self.assertHasLine(stdout, r'^\* %s: Set hash from input data\.$' % username3)
self.assertTrue(backend.check_password(user=username3, password='******'))
self.assertCountEqual(backend.list_users(), [username1, username2, username3])
props = {
propkey1: propval1,
propkey2: propval2,
# timestamps of when we wrote this test:
# u'date joined': u'2013-12-01 19:27:50',
u'last login': u'2013-12-01 19:27:44',
}
self.assertProperties(username2, props)
def check_password(self, raw_password):
return backend.check_password(self.username, self.domain, raw_password)
def assertFalsePassword(self, username, password):
self.assertFalse(backend.check_password(user=username, password=password))
def main(args=None):
# parse arguments
args = parser.parse_args(args=args)
if args.action == 'add':
password = args.get_password(args)
if args.password_generated:
print(args.pwd)
backend.set_password(user=args.user, password=password)
elif args.action in ['ls', 'list']:
for username in sorted(backend.list_users()):
if six.PY3: # pragma: py3
print(username)
else: # pragma: py2
print(username.encode('utf-8'))
elif args.action == 'verify':
if not args.pwd: # pragma: no cover
args.pwd = getpass.getpass('password: '******'Ok.')
else:
print('Failed.')
sys.exit(1)
elif args.action == 'set-password':
password = args.get_password(args)
if args.password_generated:
print(args.pwd)
backend.set_password(user=args.user, password=args.pwd)
elif args.action == 'view':
props = backend.get_properties(user=args.user)
if 'date joined' in props:
print('Joined: %s' % props['date joined'])
if 'last login' in props:
print('Last login: %s' % props['last login'])
if args.service:
groups = backend.list_groups(service=args.service, user=args.user)
if groups:
print('Groups: %s' % ', '.join(sorted(groups)))
else:
print('No groups.')
else:
if backend.SUPPORTS_GROUP_VISIBILITY:
groups = {}
none_groups = backend.list_groups(service=None, user=args.user)
for service in Service.objects.all():
subgroups = backend.list_groups(service=service, user=args.user)
if subgroups:
groups[service.username] = subgroups
if groups or none_groups:
print('Groups:')
if none_groups:
print('* no service: %s' % ', '.join(sorted(none_groups)))
for service, groups in sorted(groups.items(), key=lambda t: t[0]):
print('* %s: %s' % (service, ', '.join(sorted(groups))))
else:
print('No groups.')
else:
groups = backend.list_groups(service=None, user=args.user)
if groups:
print('Groups: %s' % ', '.join(sorted(groups)))
else:
print('No groups.')
elif args.action == 'rename':
try:
backend.rename_user(user=args.user, name=args.name)
except UserNotFound as e:
parser.error("%s: %s" % (args.name, e))
except UserExists as e:
parser.error("%s: %s" % (args.name, e))
elif args.action in ['delete', 'rm', 'remove']: # pragma: no branch
backend.remove_user(user=args.user)
