authoralice <alice@immerda.ch>2012-08-31 13:42:38 +0200
committeralice <alice@immerda.ch>2012-10-19 15:20:06 +0200
commitb1be46acc3219a3f613de9c21b89ce90e64b7867 (patch)
treeff5ab15d4695d5b8ad4054f705d05b12440eb860 /py-bin
parent6efa48858f9a120d90d17e7dd54865fcd996192e (diff)
work in progress: web login working
Diffstat (limited to 'py-bin')
-rw-r--r--py-bin/ejabberdctl.py56
-rw-r--r--py-bin/jabberman.py203
-rw-r--r--py-bin/setup.py19
3 files changed, 27 insertions, 251 deletions
diff --git a/py-bin/ejabberdctl.py b/py-bin/ejabberdctl.py
deleted file mode 100644
index 425e4b2..0000000
--- a/py-bin/ejabberdctl.py
+++ /dev/null
@@ -1,56 +0,0 @@
-#ejabberdctl
-
-import subprocess, logging
-import config
-
-class SensitiveString:
- def __init__(self, strn):
- self.strn = strn
-
- def __str__(self):
- return "*"
-
- def get_sensitive_value(self):
- return self.strn
-
-
-class EJabberdCtl:
- def create_account(self, user, server, password):
- if self.__ejabberdctl(["register", user, server, SensitiveString(password)]):
- logging.info("Created account %s@%s." % (user, server))
- return True
- return False
-
- def remove_account(self, user, server):
- if self.__ejabberdctl(["unregister", user, server]):
- logging.info("Removed account %s@%s." % (user, server))
- return True
- return False
-
- def change_password(self, user, server, password):
- if self.__ejabberdctl(["change_password", user, server, SensitiveString(password)]):
- logging.info("Changed Password for %s@%s." % (user, server))
- return True
- return False
-
- def __ejabberdctl(self, params):
- if config.ejabberdctl_use_sudo:
- return self.__run(['sudo', config.ejabberdctl_path] + params, config.ejabberdctl_environ)
- else:
- return self.__run([config.ejabberdctl_path] + params, config.ejabberdctl_environ)
-
- def __run(self, path_and_params, environ={}):
- real_params = map(self.__get_sensitive_value, path_and_params)
- p = subprocess.Popen(real_params, stdin=subprocess.PIPE,
- stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=environ)
- result = p.wait()
- if result != 0:
- logging.error("Error invoking '%s': Result = %s." %
- (str(map(str,path_and_params)), str(result)))
- return False
- return True
-
- def __get_sensitive_value(self, s):
- if isinstance(s, SensitiveString):
- return s.get_sensitive_value()
- return s
diff --git a/py-bin/jabberman.py b/py-bin/jabberman.py
index d3dac25..d199ca3 100644
--- a/py-bin/jabberman.py
+++ b/py-bin/jabberman.py
@@ -1,78 +1,8 @@
#jabber manager
-import shelve, sqlite3, atexit, bcrypt, sha, hmac, random, os, time, re, datetime, string
+import sqlite3, atexit, bcrypt, sha, hmac, random, os, time, re, datetime, string
import config
-class JabberUserOld:
- def __init__(self, user_id):
- self.user, self.domain = user_id.split("@")
- self.accounts = []
-
- def get_user_id(self):
- return self.user + "@" + self.domain
-
- def get_default_jabber_id(self):
- return self.user + "@jabber." + self.domain
-
- def is_active(self):
- return hasattr(self, "password_hash")
-
- def check_password(self, password):
- if not self.is_active():
- return False
- return self.password_hash == self.__hash_password(password)
-
- def set_password(self, password):
- self.password_hash = self.__hash_password(password)
-
- def __hash_password(self, password):
- return sha.new(password).hexdigest()
-
- @staticmethod
- def generate_token():
- data = str(random.getrandbits(256)) + str(time.time()*1000) + str(os.getpid())
- return "+" + hmac.new(config.the_secret, data, sha).hexdigest()
-
- def set_token(self, token):
- self.token = token
-
- def validate_token(self, token):
- if token[1:] == self.token[1:]:
- if self.__is_token_expired():
- return (False, "Benutzerkonto bereits aktiviert.")
- return (True, self)
- else:
- return (False, "Zugriff verweigert.")
-
- def __is_token_expired(self):
- return self.token[0] != "+"
-
- def expire_token(self):
- self.token = "-" + self.token[1:]
-
- def add_account(self, jabber_id):
- self.accounts.append(jabber_id)
-
- def has_account(self, jabber_id):
- return jabber_id in self.accounts
-
- def get_account_list(self):
- return list(self.accounts)
-
- def get_extra_account_list(self):
- default_acc = self.get_default_jabber_id()
- return filter(lambda acc: acc != default_acc, self.accounts)
-
- def remove_account(self, jabber_id):
- self.accounts.remove(jabber_id)
-
-class JabberAccountOld:
- def __init__(self, jabber_id):
- self.user, self.server = jabber_id.split("@")
-
- def get_jabber_id(self):
- return self.user + "@" + self.server
-
# FIXME: error handling (especially sqlite)
# FIXME: use cryptographically secure RNG fro token generation
# FIXME: what about time-zones? was utcnow ok?
@@ -99,8 +29,12 @@ class WebUser:
self.id, self.email, self.token, self.token_date = id, email, token, token_date
def get_primary_jid(self):
- user, server = self.email.split("@")
- return user + "@jabber." + server
+ return WebUser.derive_primary_jid(self.email)
+
+ @staticmethod
+ def derive_primary_jid(email):
+ user, server = email.split("@")
+ return user + "@jabber." + server
class JabberDB:
def __init__(self):
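Review bot: `derive_primary_jid` unpacks `email.split("@")` into exactly two names, so any string without exactly one "@" raises ValueError. As a static helper it is now reachable with values other than a stored `WebUser.email`; the new `get_extra_account_list` in this commit passes its `user_id` argument straight to it. Consider `user, server = email.rsplit("@", 1)` followed by a check that both parts are non-empty, and a docstring stating that the argument must be an already validated address. The `WebUser` class starts outside this hunk.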
@@ -271,8 +205,8 @@ class JabberDB:
cur.execute("SELECT * FROM jabber_users where web_user_id=?", (web_user_id,))
rows = cur.fetchall()
- #FIXME: return typed jids
- return rows
+ # @ng: CAUTION, this now returns JabberUser instances, not raw rows
+ return map(lambda row: JabberUser(row[0],row[1],row[2],row[3]), rows)
def select_web_users(self):
cur = self.__connection.cursor()
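Review bot: The new return line builds `JabberUser(row[0],row[1],row[2],row[3])` from a `SELECT *`, so the constructor arguments depend on the column order of `jabber_users`. A later schema change would put a column into the wrong field without raising any error. List the columns explicitly in the query, in the order the constructor expects, for example `SELECT col_a, col_b, col_c, col_d FROM jabber_users where web_user_id=?` (placeholder names, the schema is not visible here). The "CAUTION" comment would serve callers better as a docstring on the method stating the return type. The method starts outside this hunk and `JabberUser` is not defined in the visible lines.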
@@ -281,115 +215,6 @@ class JabberDB:
#FIXME: return typed web users
return rows
-
-
-
-class JabberDBOld:
- def __init__(self):
- self.db = shelve.open(config.jabberdb_path, 'c')
- atexit.register(self.db.close)
-
- def login_user(self, user_id, password):
- user = self.__load_user(user_id)
- if user and user.check_password(password):
- return user
- return None
-
- def generate_token(self, user_id):
- if self.__load_user(user_id):
- return (False, "Benutzer existiert bereits!")
-
- return (True, JabberUser.generate_token())
-
- def prepare_user(self, user_id, token):
- if self.__load_user(user_id):
- return (False, "Benutzer existiert bereits!")
-
- user = JabberUser(user_id)
- user.set_token(token)
- self.__store_user(user)
-
- return (True, "Benutzer registriert, Aktivierung noch ausstehend.")
-
- def validate_token(self, user_id, token):
- user = self.__load_user(user_id)
- if not user:
- return (False, "Zugriff verweigert.")
-
- return user.validate_token(token)
-
- def activate_user(self, user_id, password, token):
- user = self.__load_user(user_id)
- if not user:
- return (False, "Zugriff verweigert.")
-
- ok, status = user.validate_token(token)
- if not ok:
- return (False, status)
-
- user.expire_token()
- user.set_password(password)
- self.__store_user(user)
-
- return (True, user)
-
- def add_account(self, user_id, jabber_id, check_only = False):
- user = self.__load_user(user_id)
- if not user:
- return (False, "Zugriff verweigert.")
-
- account = self.__load_account(jabber_id)
- if account:
- return (False, "Sorry, Jabber Benutzerkonto %s bereits vergeben." % jabber_id)
-
- if check_only:
- return (True, "Jabber kann hinzugefuegt werden.")
-
- account = JabberAccount(jabber_id)
- self.__store_account(account)
- user.add_account(jabber_id)
- self.__store_user(user)
-
- return (True, "Jabber Konto hinzugefuegt.")
-
- def remove_account(self, user_id, jabber_id, check_only = False):
- user = self.__load_user(user_id)
- if (not user) or (not user.has_account(jabber_id)):
- return (False, "Zugriff verweigert.")
-
- if check_only:
- return (True, "Jabber darf geloescht werden.")
-
- self.__delete_account(jabber_id)
- user.remove_account(jabber_id)
- self.__store_user(user)
-
- return (True, "Jabber Konto geloescht.")
-
- def change_password(self, user_id, password):
- user = self.__load_user(user_id)
- if not user:
- return (False, "Zugriff verweigert.")
-
- user.set_password(password)
- self.__store_user(user)
- return (True, "Passwort geaendert.")
-
- def __load_user(self, user_id):
- return self.db.get("#usr#" + user_id)
-
- def __store_user(self, user):
- self.db["#usr#" + user.get_user_id()] = user
-
- def __load_account(self, jabber_id):
- return self.db.get("#acc#" + jabber_id)
-
- def __store_account(self, account):
- self.db["#acc#" + account.get_jabber_id()] = account
-
- def __delete_account(self, jabber_id):
- del(self.db["#acc#" + jabber_id])
-
class JabberManager:
def __init__(self, session):
@@ -405,8 +230,7 @@ class JabberManager:
return True
if (not "uid" in self.session) or (not "pass" in self.session):
return (False, "Nicht angemeldet.")
- ok, status_or_user = self.login(
- self.session["uid"], self.session["pass"])
+ ok, status_or_user = self.login(self.session["uid"], self.session["pass"])
return (ok, status_or_user)
def login(self, user_id, password):
@@ -512,6 +336,13 @@ class JabberManager:
return (False, "Passwort enthaelt unerlaubte Zeichen.")
return (True, "Passwort OK.")
+ def get_account_list(self, user_id):
+ return self.jadb.select_jids(user_id)
+
+ def get_extra_account_list(self, user_id):
+ default_acc = WebUser.derive_primary_jid(user_id)
+ return filter(lambda acc: acc.jid != default_acc, self.get_account_list(user_id))
+
def add_account(self, jabber_id):
if not self.authenticated:
return (False, "Zugriff verweigert.")
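Review bot: `get_account_list` and `get_extra_account_list` return the accounts of whatever `user_id` the caller passes and never check `self.authenticated`, while `add_account` directly below refuses with "Zugriff verweigert." when it is unset. The only caller visible in this commit (setup.py) passes the authenticated user's e-mail, but nothing in these methods enforces that. Add the same guard, e.g. `if not self.authenticated: return []`, or take the user from the session instead of a parameter. Separately, the same `user_id` value goes to `select_jids`, whose query filters on `web_user_id`, and to `derive_primary_jid`, which needs an e-mail address. `WebUser` carries `id` and `email` as separate fields, so one of the two calls probably receives the wrong kind of value; this should be confirmed against the schema.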
diff --git a/py-bin/setup.py b/py-bin/setup.py
index 1978dd1..d59964d 100644
--- a/py-bin/setup.py
+++ b/py-bin/setup.py
@@ -8,14 +8,15 @@ class SetupMixIn:
if not user:
return
- paras = dict(user_id=user.get_user_id(), jabber_id=user.get_default_jabber_id())
- acc_list = map(self.__get_delete_tuple, user.get_extra_account_list())
+ paras = dict(user_id=str(user.email), jabber_id=str(user.get_primary_jid()))
+
+ acc_list = map(self.__get_delete_tuple, self.jman.get_extra_account_list(user.email))
self.render_template(req, "setup_main.em", paras, dict(account_list=acc_list))
setup_main.web_callable = True
def __get_delete_tuple(self, account):
- url = self.make_url([("cmd","delete_account_ask"), ("account",account)])
- return (html_encode(account), url)
+ url = self.make_url([("cmd","delete_account_ask"), ("account",account.jid)])
+ return (html_encode(account.jid), url)
def set_pw_form(self, req):
user = self.__authenticate(req)
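Review bot: `str(user.email)` in `paras` will raise UnicodeEncodeError under Python 2 if the address is a unicode string containing non-ASCII characters. sqlite3 returns unicode for TEXT columns by default, though how `WebUser.email` is populated is not visible here. The conversion is also applied inconsistently across this file's hunks: `set_pw_form` and `delete_account_ask` use `str(user.email)`, while `add_account_form` and `help` pass `user.email` unchanged. Pick one form, preferably passing the value unconverted if `render_template` encodes its non-raw parameters, as the separate `raw` dict suggests. `setup_main` starts outside this hunk.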
@@ -24,7 +25,7 @@ class SetupMixIn:
last_error = req.params.get("error", "")
self.render_template(req, "set_pw_form.em",
- dict(user_id=user.get_user_id(), error=last_error))
+ dict(user_id=str(user.email), error=last_error))
set_pw_form.web_callable = True
def set_pw_process(self, req):
@@ -54,7 +55,7 @@ class SetupMixIn:
domains = config.extra_domains
self.render_template(req, "add_account_form.em",
- dict(user_id=user.get_user_id(), domains=domains, error=last_err))
+ dict(user_id=user.email, domains=domains, error=last_err))
add_account_form.web_callable = True
def add_account_process(self, req):
@@ -87,7 +88,7 @@ class SetupMixIn:
raw = dict(account_urlenc = url_encode(account))
self.render_template(req, "delete_account_ask.em",
- dict(account=account, user_id=user.get_user_id()), raw)
+ dict(account=account, user_id=str(user.email)), raw)
delete_account_ask.web_callable = True
def delete_account_process(self, req):
@@ -111,7 +112,7 @@ class SetupMixIn:
return
self.render_template(req, "setup_help.em",
- dict(user_id=user.get_user_id(),jabber_id=user.get_default_jabber_id()))
+ dict(user_id=user.email,jabber_id=user.get_primary_jid()))
help.web_callable = True
def logout(self, req):
@@ -137,4 +138,4 @@ class SetupMixIn:
self.redirect_to(req, config.script_url)
return None
return status_or_user
- \ No newline at end of file
+