def change_password():
"""View function which handles a change password request."""
has_error = False
form_class = _security.change_password_form
if request.json:
form = form_class(MultiDict(request.json))
else:
form = form_class()
if form.validate_on_submit():
try:
change_user_password(current_user._get_current_object(),
form.new_password.data)
except SOCKETErrorException as e:
# Handle socket errors which are not covered by SMTPExceptions.
logging.exception(str(e), exc_info=True)
flash(gettext(SMTP_SOCKET_ERROR).format(e), 'danger')
has_error = True
except (SMTPConnectError, SMTPResponseException,
SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
SMTPRecipientsRefused) as e:
# Handle smtp specific exceptions.
logging.exception(str(e), exc_info=True)
flash(gettext(SMTP_ERROR).format(e), 'danger')
has_error = True
except Exception as e:
# Handle other exceptions.
logging.exception(str(e), exc_info=True)
flash(gettext(PASS_ERROR).format(e), 'danger')
has_error = True
if request.json is None and not has_error:
after_this_request(view_commit)
do_flash(*get_message('PASSWORD_CHANGE'))
old_key = get_crypt_key()[1]
set_crypt_key(form.new_password.data, False)
from pgadmin.browser.server_groups.servers.utils \
import reencrpyt_server_passwords
reencrpyt_server_passwords(current_user.id, old_key,
form.new_password.data)
return redirect(
get_url(_security.post_change_view)
or get_url(_security.post_login_view))
if request.json and not has_error:
form.user = current_user
return default_render_json(form)
return _security.render_template(
config_value('CHANGE_PASSWORD_TEMPLATE'),
change_password_form=form,
**_ctx('change_password'))
def set_master_password():
"""
Set the master password and store in the memory
This password will be used to encrypt/decrypt saved server passwords
"""
data = None
if hasattr(request.data, 'decode'):
data = request.data.decode('utf-8')
if data != '':
data = json.loads(data)
# Master password is not applicable for server mode
if not config.SERVER_MODE and config.MASTER_PASSWORD_REQUIRED:
# if master pass is set previously
if current_user.masterpass_check is not None and \
data.get('button_click') and \
not validate_master_password(data.get('password')):
return form_master_password_response(
existing=True,
present=False,
errmsg=gettext("Incorrect master password"))
if data != '' and data.get('password', '') != '':
# store the master pass in the memory
set_crypt_key(data.get('password'))
if current_user.masterpass_check is None:
# master check is not set, which means the server password
# data is old and is encrypted with old key
# Re-encrypt with new key
from pgadmin.browser.server_groups.servers.utils \
import reencrpyt_server_passwords
reencrpyt_server_passwords(current_user.id,
current_user.password,
data.get('password'))
# set the encrypted sample text with the new
# master pass
set_masterpass_check_text(data.get('password'))
elif not get_crypt_key()[0] and \
current_user.masterpass_check is not None:
return form_master_password_response(
existing=True,
present=False,
)
elif not get_crypt_key()[0]:
error_message = None
if data.get('button_click') and data.get('password') == '':
# If user attempted to enter a blank password, then throw error
error_message = gettext("Master password cannot be empty")
return form_master_password_response(existing=False,
present=False,
errmsg=error_message)
# if master password is disabled now, but was used once then
# remove all the saved passwords
process_masterpass_disabled()
if config.SERVER_MODE and current_user.masterpass_check is None:
crypt_key = get_crypt_key()[1]
from pgadmin.browser.server_groups.servers.utils \
import reencrpyt_server_passwords
reencrpyt_server_passwords(current_user.id, current_user.password,
crypt_key)
set_masterpass_check_text(crypt_key)
return form_master_password_response(present=True, )