author | alice <alice@immerda.ch> | 2012-08-31 13:42:38 +0200 |
---|---|---|
committer | alice <alice@immerda.ch> | 2012-10-19 15:20:06 +0200 |
commit | b1be46acc3219a3f613de9c21b89ce90e64b7867 (patch) | |
tree | ff5ab15d4695d5b8ad4054f705d05b12440eb860 /py-bin | |
parent | 6efa48858f9a120d90d17e7dd54865fcd996192e (diff) |
work in progress: web login working
Diffstat (limited to 'py-bin')
-rw-r--r-- | py-bin/ejabberdctl.py | 56 | ||||
-rw-r--r-- | py-bin/jabberman.py | 203 | ||||
-rw-r--r-- | py-bin/setup.py | 19 |
3 files changed, 27 insertions, 251 deletions
diff --git a/py-bin/ejabberdctl.py b/py-bin/ejabberdctl.py
deleted file mode 100644
index 425e4b2..0000000
--- a/py-bin/ejabberdctl.py
+++ /dev/null
@@ -1,56 +0,0 @@
-#ejabberdctl
-
-import subprocess, logging
-import config
-
-class SensitiveString:
- def __init__(self, strn):
- self.strn = strn
-
- def __str__(self):
- return "*"
-
- def get_sensitive_value(self):
- return self.strn
-
-
-class EJabberdCtl:
- def create_account(self, user, server, password):
- if self.__ejabberdctl(["register", user, server, SensitiveString(password)]):
- logging.info("Created account %s@%s." % (user, server))
- return True
- return False
-
- def remove_account(self, user, server):
- if self.__ejabberdctl(["unregister", user, server]):
- logging.info("Removed account %s@%s." % (user, server))
- return True
- return False
-
- def change_password(self, user, server, password):
- if self.__ejabberdctl(["change_password", user, server, SensitiveString(password)]):
- logging.info("Changed Password for %s@%s." % (user, server))
- return True
- return False
-
- def __ejabberdctl(self, params):
- if config.ejabberdctl_use_sudo:
- return self.__run(['sudo', config.ejabberdctl_path] + params, config.ejabberdctl_environ)
- else:
- return self.__run([config.ejabberdctl_path] + params, config.ejabberdctl_environ)
-
- def __run(self, path_and_params, environ={}):
- real_params = map(self.__get_sensitive_value, path_and_params)
- p = subprocess.Popen(real_params, stdin=subprocess.PIPE,
- stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=environ)
- result = p.wait()
- if result != 0:
- logging.error("Error invoking '%s': Result = %s." %
- (str(map(str,path_and_params)), str(result)))
- return False
- return True
-
- def __get_sensitive_value(self, s):
- if isinstance(s, SensitiveString):
- return s.get_sensitive_value()
- return s
diff --git a/py-bin/jabberman.py b/py-bin/jabberman.py
index d3dac25..d199ca3 100644
--- a/py-bin/jabberman.py
+++ b/py-bin/jabberman.py
@@ -1,78 +1,8 @@ #jabber manager -import shelve, sqlite3, atexit, bcrypt, sha, hmac, random, os, time, re, datetime, string +import sqlite3, atexit, bcrypt, sha, hmac, random, os, time, re, datetime, string import config -class JabberUserOld: - def __init__(self, user_id): - self.user, self.domain = user_id.split("@") - self.accounts = [] - - def get_user_id(self): - return self.user + "@" + self.domain - - def get_default_jabber_id(self): - return self.user + "@jabber." + self.domain - - def is_active(self): - return hasattr(self, "password_hash") - - def check_password(self, password): - if not self.is_active(): - return False - return self.password_hash == self.__hash_password(password) - - def set_password(self, password): - self.password_hash = self.__hash_password(password) - - def __hash_password(self, password): - return sha.new(password).hexdigest() - - @staticmethod - def generate_token(): - data = str(random.getrandbits(256)) + str(time.time()*1000) + str(os.getpid()) - return "+" + hmac.new(config.the_secret, data, sha).hexdigest() - - def set_token(self, token): - self.token = token - - def validate_token(self, token): - if token[1:] == self.token[1:]: - if self.__is_token_expired(): - return (False, "Benutzerkonto bereits aktiviert.") - return (True, self) - else: - return (False, "Zugriff verweigert.") - - def __is_token_expired(self): - return self.token[0] != "+" - - def expire_token(self): - self.token = "-" + self.token[1:] - - def add_account(self, jabber_id): - self.accounts.append(jabber_id) - - def has_account(self, jabber_id): - return jabber_id in self.accounts - - def get_account_list(self): - return list(self.accounts) - - def get_extra_account_list(self): - default_acc = self.get_default_jabber_id() - return filter(lambda acc: acc != default_acc, self.accounts) - - def remove_account(self, jabber_id): - self.accounts.remove(jabber_id) - -class JabberAccountOld: - def __init__(self, jabber_id): - self.user, self.server = 
jabber_id.split("@") - - def get_jabber_id(self): - return self.user + "@" + self.server - # FIXME: error handling (especially sqlite) # FIXME: use cryptographically secure RNG fro token generation # FIXME: what about time-zones? was utcnow ok? @@ -99,8 +29,12 @@ class WebUser: self.id, self.email, self.token, self.token_date = id, email, token, token_date def get_primary_jid(self): - user, server = self.email.split("@") - return user + "@jabber." + server + return WebUser.derive_primary_jid(self.email) + + @staticmethod + def derive_primary_jid(email): + user, server = email.split("@") + return user + "@jabber." + server class JabberDB: def __init__(self): @@ -271,8 +205,8 @@ class JabberDB: cur.execute("SELECT * FROM jabber_users where web_user_id=?", (web_user_id,)) rows = cur.fetchall() - #FIXME: return typed jids - return rows + # @ng: CAUTION, this now returns JabberUser instances, not raw rows + return map(lambda row: JabberUser(row[0],row[1],row[2],row[3]), rows) def select_web_users(self): cur = self.__connection.cursor() 
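Review bot: `derive_primary_jid` unpacks `email.split("@")` into exactly two names, so an address with no `@` or with more than one raises a bare ValueError from the unpacking. The helper is now static and is called with a plain `user_id` argument by the new `get_extra_account_list`, so it no longer only sees a stored `WebUser.email`. Since the result is the identity the account list is compared against, an explicit check is safer, for example `if email.count("@") != 1: raise ValueError("invalid e-mail address")` before the split. A one-line docstring such as `"""Return <local>@jabber.<domain> for an already validated e-mail address."""` would record the contract; whether addresses are validated at registration is not visible in this hunk.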
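Review bot: The new return line builds `JabberUser(row[0],row[1],row[2],row[3])` from a `SELECT *`, which ties the constructor's argument order to the physical column order of `jabber_users`. A later schema change would silently put values into the wrong fields. Naming the columns in the query keeps the mapping explicit; the column names are not visible here, so as a sketch `SELECT <col_1>, <col_2>, <col_3>, <col_4> FROM jabber_users where web_user_id=?` with the real names filled in. The `@ng: CAUTION` remark would last longer as a docstring stating that the method returns a list of `JabberUser` objects. The enclosing method starts outside the hunk.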
@@ -281,115 +215,6 @@ class JabberDB: #FIXME: return typed web users return rows - - - -class JabberDBOld: - def __init__(self): - self.db = shelve.open(config.jabberdb_path, 'c') - atexit.register(self.db.close) - - def login_user(self, user_id, password): - user = self.__load_user(user_id) - if user and user.check_password(password): - return user - return None - - def generate_token(self, user_id): - if self.__load_user(user_id): - return (False, "Benutzer existiert bereits!") - - return (True, JabberUser.generate_token()) - - def prepare_user(self, user_id, token): - if self.__load_user(user_id): - return (False, "Benutzer existiert bereits!") - - user = JabberUser(user_id) - user.set_token(token) - self.__store_user(user) - - return (True, "Benutzer registriert, Aktivierung noch ausstehend.") - - def validate_token(self, user_id, token): - user = self.__load_user(user_id) - if not user: - return (False, "Zugriff verweigert.") - - return user.validate_token(token) - - def activate_user(self, user_id, password, token): - user = self.__load_user(user_id) - if not user: - return (False, "Zugriff verweigert.") - - ok, status = user.validate_token(token) - if not ok: - return (False, status) - - user.expire_token() - user.set_password(password) - self.__store_user(user) - - return (True, user) - - def add_account(self, user_id, jabber_id, check_only = False): - user = self.__load_user(user_id) - if not user: - return (False, "Zugriff verweigert.") - - account = self.__load_account(jabber_id) - if account: - return (False, "Sorry, Jabber Benutzerkonto %s bereits vergeben." 
% jabber_id) - - if check_only: - return (True, "Jabber kann hinzugefuegt werden.") - - account = JabberAccount(jabber_id) - self.__store_account(account) - user.add_account(jabber_id) - self.__store_user(user) - - return (True, "Jabber Konto hinzugefuegt.") - - def remove_account(self, user_id, jabber_id, check_only = False): - user = self.__load_user(user_id) - if (not user) or (not user.has_account(jabber_id)): - return (False, "Zugriff verweigert.") - - if check_only: - return (True, "Jabber darf geloescht werden.") - - self.__delete_account(jabber_id) - user.remove_account(jabber_id) - self.__store_user(user) - - return (True, "Jabber Konto geloescht.") - - def change_password(self, user_id, password): - user = self.__load_user(user_id) - if not user: - return (False, "Zugriff verweigert.") - - user.set_password(password) - self.__store_user(user) - return (True, "Passwort geaendert.") - - def __load_user(self, user_id): - return self.db.get("#usr#" + user_id) - - def __store_user(self, user): - self.db["#usr#" + user.get_user_id()] = user - - def __load_account(self, jabber_id): - return self.db.get("#acc#" + jabber_id) - - def __store_account(self, account): - self.db["#acc#" + account.get_jabber_id()] = account - - def __delete_account(self, jabber_id): - del(self.db["#acc#" + jabber_id]) - class JabberManager: def __init__(self, session): @@ -405,8 +230,7 @@ class JabberManager: return True if (not "uid" in self.session) or (not "pass" in self.session): return (False, "Nicht angemeldet.") - ok, status_or_user = self.login( - self.session["uid"], self.session["pass"]) + ok, status_or_user = self.login(self.session["uid"], self.session["pass"]) return (ok, status_or_user) def login(self, user_id, password): 
@@ -512,6 +336,13 @@ class JabberManager: return (False, "Passwort enthaelt unerlaubte Zeichen.") return (True, "Passwort OK.") + def get_account_list(self, user_id): + return self.jadb.select_jids(user_id) + + def get_extra_account_list(self, user_id): + default_acc = WebUser.derive_primary_jid(user_id) + return filter(lambda acc: acc.jid != default_acc, self.get_account_list(user_id)) + def add_account(self, jabber_id): if not self.authenticated: return (False, "Zugriff verweigert.") diff --git a/py-bin/setup.py b/py-bin/setup.py index 1978dd1..d59964d 100644 --- a/py-bin/setup.py +++ b/py-bin/setup.py @@ -8,14 +8,15 @@ class SetupMixIn: if not user: return - paras = dict(user_id=user.get_user_id(), jabber_id=user.get_default_jabber_id()) - acc_list = map(self.__get_delete_tuple, user.get_extra_account_list()) + paras = dict(user_id=str(user.email), jabber_id=str(user.get_primary_jid())) + + acc_list = map(self.__get_delete_tuple, self.jman.get_extra_account_list(user.email)) self.render_template(req, "setup_main.em", paras, dict(account_list=acc_list)) setup_main.web_callable = True def __get_delete_tuple(self, account): - url = self.make_url([("cmd","delete_account_ask"), ("account",account)]) - return (html_encode(account), url) + url = self.make_url([("cmd","delete_account_ask"), ("account",account.jid)]) + return (html_encode(account.jid), url) def set_pw_form(self, req): user = self.__authenticate(req) @@ -24,7 +25,7 @@ class SetupMixIn: last_error = req.params.get("error", "") self.render_template(req, "set_pw_form.em", - dict(user_id=user.get_user_id(), error=last_error)) + dict(user_id=str(user.email), error=last_error)) set_pw_form.web_callable = True def set_pw_process(self, req): 
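Review bot: `get_account_list` and `get_extra_account_list` accept a caller-supplied `user_id` and return that user's accounts without the `if not self.authenticated:` guard that `add_account` directly below applies. Any caller that passes a request-derived id would therefore disclose another user's JIDs. Add the same guard, or better, drop the parameter and derive the id from the authenticated session so the lookup cannot be pointed at someone else. Separately, the value is forwarded to `select_jids`, and the query shown in the JabberDB hunk filters on `web_user_id`, while setup.py passes `user.email` and `derive_primary_jid` also treats it as an e-mail. If `web_user_id` holds the numeric `WebUser.id`, which this diff does not confirm, the list will always come back empty.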
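Review bot: `str(user.email)` and `str(user.get_primary_jid())` are used in this hunk and in the `set_pw_form` and `delete_account_ask` hunks, while `add_account_form` and `help` pass `user.email` and `user.get_primary_jid()` unwrapped. The file appears to target Python 2 (`import sha`, list-returning `map`), where `str()` on a unicode value raises UnicodeEncodeError for non-ASCII text, and sqlite3 returns unicode for text columns by default. An address with a non-ASCII character would then break these pages after login. Pass the value unchanged in every call, e.g. `paras = dict(user_id=user.email, jabber_id=user.get_primary_jid())`, and leave encoding to the template layer.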
@@ -54,7 +55,7 @@ class SetupMixIn: domains = config.extra_domains self.render_template(req, "add_account_form.em", - dict(user_id=user.get_user_id(), domains=domains, error=last_err)) + dict(user_id=user.email, domains=domains, error=last_err)) add_account_form.web_callable = True def add_account_process(self, req): @@ -87,7 +88,7 @@ class SetupMixIn: raw = dict(account_urlenc = url_encode(account)) self.render_template(req, "delete_account_ask.em", - dict(account=account, user_id=user.get_user_id()), raw) + dict(account=account, user_id=str(user.email)), raw) delete_account_ask.web_callable = True def delete_account_process(self, req): @@ -111,7 +112,7 @@ class SetupMixIn: return self.render_template(req, "setup_help.em", - dict(user_id=user.get_user_id(),jabber_id=user.get_default_jabber_id())) + dict(user_id=user.email,jabber_id=user.get_primary_jid())) help.web_callable = True def logout(self, req): @@ -137,4 +138,4 @@ class SetupMixIn: self.redirect_to(req, config.script_url) return None return status_or_user -
\ No newline at end of file + |