def authuser(user, passw):
with open("/etc/shadow", "r") as fd:
for line in fd.readlines():
cols = line.split(':')
if cols[0] == user:
if compare_digest(crypt(passw, cols[1]), cols[1]):
return True
else:
break
e = HTTPError(403)
e.my_message = "Incorrect password"
raise e
def mkuser(user, passw, passw2, code_check):
if user == None or len(user.strip()) == "":
e = HTTPError(403)
e.my_message = "Username is missing"
raise e
if len(user) < 5:
e = HTTPError(403)
e.my_message = "Your user name is too short"
raise e
if len(user) > 15:
e = HTTPError(403)
e.my_message = "Your user name is too long"
raise e
if len(passw) < 7:
e = HTTPError(403)
e.my_message = "Your password is too short"
raise e
if len(passw) > 50:
e = HTTPError(403)
e.my_message = "Your password is too long"
raise e
if passw in [user, "abc123", "abcd1234", "abc1234", "abcd123"]:
e = HTTPError(403)
e.my_message = "Choose a better password"
raise e
if re.search(r'\W', user):
e = HTTPError(403)
e.my_message = "Illegal character in user nmame. Only letters, numbers and the underscore are allowed."
raise e
if re.search(r'\W', passw):
e = HTTPError(403)
e.my_message = "Illegal character in password. Only letters, numbers and the underscore are allowed."
raise e
home = "/home/%s" % user
cmd = ["useradd", user, "-s", "/bin/bash"]
check_pass2 = False
if os.path.exists(home):
uid = stat(home).st_uid
try:
pwd.getpwuid(uid)
return authuser(user, passw)
# The user already exists, nothing to do
#return uid
except KeyError:
check_pass2 = True
cmd += ["-u", str(uid)]
else:
if not os.path.exists("/usr/enable_mkuser"):
e = HTTPError(403)
e.my_message = "MkUser disabled"
raise e
if not code_check:
e = HTTPError(403)
e.my_message = "Code check failed"
raise e
check_pass2 = True
if passw != passw2:
e = HTTPError(403)
e.my_message = "Password and Password2 do not match."
raise e
cmd += ["-m"]
uids = set()
for path in os.listdir("/home"):
u = stat("/home/%s" % path).st_uid
uids.add(u)
for u in range(1000, 100000):
if u in uids:
continue
try:
pwd.getpwuid(u)
except KeyError:
uid = u
cmd += ["-u", str(uid)]
break
if check_pass2:
if passw != passw2:
e = HTTPError(403)
e.my_message = "Password and Password2 do not match."
raise e
call(cmd)
call(["su", "-", user, "-c", "bash /inituser.sh"])
pipe = Popen(["chpasswd"], stdin=PIPE, universal_newlines=True)
pipe.stdin.write("%s:%s\n" % (user, passw))
pipe.stdin.close()
pipe.wait()
print("Chpasswd called with %s:%s" % (user, passw))
return True
