def valid_ssh(hostname, port, username, password=None, pkey=None, with_expect=True): try: private_key = AppSetting.get('private_key') public_key = AppSetting.get('public_key') except KeyError: private_key, public_key = SSH.generate_key() AppSetting.set('private_key', private_key, 'ssh private key') AppSetting.set('public_key', public_key, 'ssh public key') try: if password: _cli = SSH(hostname, port, username, password=str(password)) _cli.add_public_key(public_key) if pkey: private_key = pkey cli = SSH(hostname, port, username, private_key) cli.ping() except BadAuthenticationType: if with_expect: data = '该主机不支持密钥认证,错误代码:E01' else: data = '该主机不支持密钥认证,错误代码:E02' return False, 500, data except AuthenticationException: if password and with_expect: data = '密钥认证失败,错误代码:E03' else: data = "密钥认证失败,错误代码:E04" return False, 500, data return True, 200, {'msg': "认证成功"}
def valid_ssh(hostname, port, username, password=None, pkey=None, with_expect=True): try: private_key = AppSetting.get('private_key') public_key = AppSetting.get('public_key') except KeyError: private_key, public_key = SSH.generate_key() AppSetting.set('private_key', private_key, 'ssh private key') AppSetting.set('public_key', public_key, 'ssh public key') if password: _cli = SSH(hostname, port, username, password=str(password)) _cli.add_public_key(public_key) if pkey: private_key = pkey try: cli = SSH(hostname, port, username, private_key) cli.ping() except BadAuthenticationType: if with_expect: raise TypeError('该主机不支持密钥认证,请参考官方文档,错误代码:E01') return False except AuthenticationException: if password and with_expect: raise ValueError('密钥认证失败,请参考官方文档,错误代码:E02') return False return True
def post(self, request): form, error = JsonParser(Argument('data', type=list, help='缺少必要的参数')).parse(request.body) if error is None: for item in form.data: AppSetting.set(**item) return json_response(error=error)
def valid_ssh(hostname, port, username, password, with_expect=True): try: private_key = AppSetting.get('private_key') #定义私钥公钥 public_key = AppSetting.get('public_key') except KeyError: #错误检查 private_key, public_key = SSH.generate_key() AppSetting.set('private_key', private_key, 'ssh private key') AppSetting.set('public_key', public_key, 'ssh public key') cli = SSH(hostname, port, username, private_key) if password: _cli = SSH(hostname, port, username, password=str(password)) code, out = _cli.exec_command('mkdir -p -m 700 ~/.ssh && \ echo %r >> ~/.ssh/authorized_keys && \ chmod 600 ~/.ssh/authorized_keys' % public_key) if code != 0: raise Exception(f'add public key error: {out!r}') try: cli.ping() except BadAuthenticationType: if with_expect: raise TypeError('该主机不支持密钥认证,请参考官方文档,错误代码:E01') return False except AuthenticationException: if password and with_expect: raise ValueError('密钥认证失败,请参考官方文档,错误代码:E02') return False return True
def handle(self, *args, **options): target = options['target'] if target == 'mfa': if options['value'] != 'disable': return self.echo_error(f'mfa设置,不支持的值【{options["value"]}】') AppSetting.set('MFA', {'enable': False}) self.echo_success('MFA已禁用') else: self.echo_error('未识别的操作') self.print_help()
def post(self, request): form, error = JsonParser( Argument('enable', type=bool, help='参数错误'), Argument('code', required=False) ).parse(request.body) if error is None: if form.enable: if not form.code: return json_response(error='请输入验证码') key = f'{request.user.username}:code' code = cache.get(key) if not code: return json_response(error='验证码已失效,请重新获取') if code != form.code: ttl = cache.ttl(key) cache.expire(key, ttl - 100) return json_response(error='验证码错误') cache.delete(key) AppSetting.set('MFA', {'enable': form.enable}) return json_response(error=error)
def valid_ssh(hostname, port, username, password): try: private_key = AppSetting.get('private_key') public_key = AppSetting.get('public_key') except KeyError: private_key, public_key = SSH.generate_key() AppSetting.set('private_key', private_key, 'ssh private key') AppSetting.set('public_key', public_key, 'ssh public key') if password: cli = SSH(hostname, port, username, password=str(password)) code, out = cli.exec_command('mkdir -p -m 700 ~/.ssh && \ echo %r >> ~/.ssh/authorized_keys && \ chmod 600 ~/.ssh/authorized_keys' % public_key) if code != 0: raise Exception(f'add public key error: {out!r}') else: cli = SSH(hostname, port, username, private_key) try: cli.ping() except AuthenticationException: return False return True