示例#1
0
        def check_has_pincard(user):
            
            pins = []
            otp = False
            self.pins_check = []
            self.otp = 'none'
            #Convert from username to uid and if user exist check for pincardManager
            #We don't tell to frontend if a user exists or not to avoid exposure to security flaws/brute forcing etc
            uid = username_to_uid(user)
            user_exist = True if uid is not None else False
            user_has_pincard = False
            #If user exists we check if has a pincard
            if user_exist:
                user_has_pincard = has_pincard(uid)
            #If user is root / uid 0 we check also if email notifications are enabled
            #If not user won't be able to reset password with pincard 
            if uid == 0:
                user_has_pincard = user_has_pincard and email_notification_enabled()
            
            if user_has_pincard:
                self.pins_user_uname = user
                self.pins_user_uid = uid
                pins = reset_random_pins(uid)
                for pin in pins:
                    self.pins_check.append(pin['pin_number'])
                
                #Set current time, user will have max 3 min to reset password
                self.pass_reset_time = datetime.now()
                
                if uid == 0:
                    self.otp = generate_otp(user)
                    otp = True

            self.emit('pincardManager:haspincard', {'key': 'pincardManager:haspincard', 'has_pincard': user_has_pincard, 'pins_check': pins, 'otp': otp})
示例#2
0
        def check_has_pincard(user):

            pins = []
            otp = False
            self.pins_check = []
            self.otp = "none"
            # Convert from username to uid and if user exist check for
            # pincardManager We don't tell to frontend if a user exists or not
            # to avoid exposure to security flaws/brute forcing etc
            uid = username_to_uid(user)
            user_exist = True if uid is not None else False
            user_has_pincard = False
            # If user exists we check if has a pincard
            if user_exist:
                user_has_pincard = has_pincard(uid)
            # If user is root / uid 0 we check also if email notifications are
            # enabled If not user won't be able to reset password with pincard
            if uid == 0:
                user_has_pincard = (user_has_pincard
                                    and email_notification_enabled()
                                    )  # noqa E501

            if user_has_pincard:
                self.pins_user_uname = user
                self.pins_user_uid = uid
                pins = reset_random_pins(uid)
                for pin in pins:
                    self.pins_check.append(pin["pin_number"])

                # Set current time, user will have max 3 min to reset password
                self.pass_reset_time = datetime.now()

                if uid == 0:
                    self.otp = generate_otp(user)
                    otp = True

            self.emit(
                "haspincard",
                {
                    "key": "pincardManager:haspincard",
                    "has_pincard": user_has_pincard,
                    "pins_check": pins,
                    "otp": otp,
                },
            )
示例#3
0
        def check_has_pincard(user):

            pins = []
            otp = False
            self.pins_check = []
            self.otp = 'none'
            #Convert from username to uid and if user exist check for pincardManager
            #We don't tell to frontend if a user exists or not to avoid exposure to security flaws/brute forcing etc
            uid = username_to_uid(user)
            user_exist = True if uid is not None else False
            user_has_pincard = False
            #If user exists we check if has a pincard
            if user_exist:
                user_has_pincard = has_pincard(uid)
            #If user is root / uid 0 we check also if email notifications are enabled
            #If not user won't be able to reset password with pincard
            if uid == 0:
                user_has_pincard = user_has_pincard and email_notification_enabled(
                )

            if user_has_pincard:
                self.pins_user_uname = user
                self.pins_user_uid = uid
                pins = reset_random_pins(uid)
                for pin in pins:
                    self.pins_check.append(pin['pin_number'])

                #Set current time, user will have max 3 min to reset password
                self.pass_reset_time = datetime.now()

                if uid == 0:
                    self.otp = generate_otp(user)
                    otp = True

            self.emit(
                'haspincard', {
                    'key': 'pincardManager:haspincard',
                    'has_pincard': user_has_pincard,
                    'pins_check': pins,
                    'otp': otp
                })