add encryption scheme manipulation

master
Dmytro Makovey 8 years ago
parent 8d0d8c3910
commit db9ac1f68e

@ -163,16 +163,28 @@ class User(Base, Email):
def get_id(self):
return self.email
scheme_dict = {'SHA512-CRYPT': "sha512_crypt",
'SHA256-CRYPT': "sha256_crypt",
'MD5-CRYPT': "md5_crypt",
'CRYPT': "des_crypt"}
pw_context = context.CryptContext(
["sha512_crypt", "sha256_crypt", "md5_crypt"]
schemes = scheme_dict.values(),
default='sha512_crypt',
)
def check_password(self, password):
reference = re.match('({[^}]+})?(.*)', self.password).group(2)
return User.pw_context.verify(password, reference)
def set_password(self, password):
self.password = '{SHA512-CRYPT}' + User.pw_context.encrypt(password)
def set_password(self, password, hash_scheme='SHA512-CRYPT', raw=False):
"""Set password for user with specified encryption scheme
@password: plain text password to encrypt (if raw == True the hash itself)
"""
# for the list of hash schemes see https://wiki2.dovecot.org/Authentication/PasswordSchemes
if raw:
self.password = '{'+hash_scheme+'}' + password
else:
self.password = '{'+hash_scheme+'}' + User.pw_context.encrypt(password, self.scheme_dict[hash_scheme])
def get_managed_domains(self):
if self.global_admin:

@ -35,7 +35,7 @@ def admin(localpart, domain_name, password):
@manager.command
def user(localpart, domain_name, password):
def user(localpart, domain_name, password, hash_scheme='SHA512-CRYPT'):
""" Create an user
"""
domain = models.Domain.query.get(domain_name)
@ -47,7 +47,24 @@ def user(localpart, domain_name, password):
domain=domain,
global_admin=False
)
user.set_password(password)
user.set_password(password, hash_scheme=hash_scheme)
db.session.add(user)
db.session.commit()
@manager.command
def user_raw(localpart, domain_name, password, hash_scheme='SHA512-CRYPT'):
""" Create an user
"""
domain = models.Domain.query.get(domain_name)
if not domain:
domain = models.Domain(name=domain_name)
db.session.add(domain)
user = models.User(
localpart=localpart,
domain=domain,
global_admin=False
)
user.set_password(password, hash_scheme=hash_scheme)
db.session.add(user)
db.session.commit()

Loading…
Cancel
Save