real backend for auth
This commit is contained in:
parent
c232be79ee
commit
26dfc8fb6c
|
@ -0,0 +1,7 @@
|
||||||
|
import hashlib
|
||||||
|
|
||||||
|
|
||||||
|
def pwhash(password):
|
||||||
|
h = hashlib.sha256()
|
||||||
|
h.update(password.encode("UTF-8"))
|
||||||
|
return h.hexdigest()
|
|
@ -3,10 +3,11 @@ import cherrypy
|
||||||
import logging
|
import logging
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
from photoapp.library import PhotoLibrary
|
from photoapp.library import PhotoLibrary
|
||||||
from photoapp.types import Photo, PhotoSet, Tag, TagItem, PhotoStatus
|
from photoapp.types import Photo, PhotoSet, Tag, TagItem, PhotoStatus, User
|
||||||
from jinja2 import Environment, FileSystemLoader, select_autoescape
|
from jinja2 import Environment, FileSystemLoader, select_autoescape
|
||||||
from sqlalchemy import desc
|
from sqlalchemy import desc
|
||||||
from sqlalchemy import func, and_, or_
|
from sqlalchemy import func, and_, or_
|
||||||
|
from photoapp.common import pwhash
|
||||||
import math
|
import math
|
||||||
from urllib.parse import urlparse
|
from urllib.parse import urlparse
|
||||||
|
|
||||||
|
@ -486,8 +487,10 @@ def main():
|
||||||
'error_page.404': web.error}
|
'error_page.404': web.error}
|
||||||
|
|
||||||
def validate_password(realm, username, password):
|
def validate_password(realm, username, password):
|
||||||
print("I JUST VALIDATED {}:{} ({})".format(username, password, realm))
|
s = library.session()
|
||||||
return True
|
if s.query(User).filter(User.name == username, User.password == pwhash(password)).first():
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
cherrypy.tree.mount(web, '/', {'/': web_config,
|
cherrypy.tree.mount(web, '/', {'/': web_config,
|
||||||
'/static': {"tools.staticdir.on": True,
|
'/static': {"tools.staticdir.on": True,
|
||||||
|
|
|
@ -87,3 +87,19 @@ class TagItem(Base):
|
||||||
set = relationship("PhotoSet", back_populates="tags", foreign_keys=[set_id])
|
set = relationship("PhotoSet", back_populates="tags", foreign_keys=[set_id])
|
||||||
|
|
||||||
UniqueConstraint(tag_id, set_id)
|
UniqueConstraint(tag_id, set_id)
|
||||||
|
|
||||||
|
|
||||||
|
class UserStatus(enum.Enum):
|
||||||
|
banned = -1
|
||||||
|
guest = 0
|
||||||
|
normal = 1
|
||||||
|
admin = 2
|
||||||
|
|
||||||
|
|
||||||
|
class User(Base):
|
||||||
|
__tablename__ = 'users'
|
||||||
|
|
||||||
|
id = Column(Integer, primary_key=True)
|
||||||
|
name = Column(String(length=64), unique=True)
|
||||||
|
password = Column(String(length=64)) # sha256
|
||||||
|
status = Column(Enum(UserStatus), default=UserStatus.normal)
|
||||||
|
|
|
@ -0,0 +1,56 @@
|
||||||
|
import argparse
|
||||||
|
from photoapp.library import PhotoLibrary
|
||||||
|
from photoapp.types import User
|
||||||
|
from photoapp.common import pwhash
|
||||||
|
|
||||||
|
|
||||||
|
def create_user(library, username, password):
|
||||||
|
s = library.session()
|
||||||
|
s.add(User(name=username, password=pwhash(password)))
|
||||||
|
s.commit()
|
||||||
|
|
||||||
|
|
||||||
|
def list_users(library):
|
||||||
|
s = library.session()
|
||||||
|
print("id\tname")
|
||||||
|
for user in s.query(User).order_by(User.name).all():
|
||||||
|
print("{}\t{}".format(user.id, user.name))
|
||||||
|
|
||||||
|
|
||||||
|
def delete_user(library, username):
|
||||||
|
s = library.session()
|
||||||
|
u = s.query(User).filter(User.name == username).first()
|
||||||
|
s.delete(u)
|
||||||
|
s.commit()
|
||||||
|
print("Deleted user {}".format(u.id))
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
parser = argparse.ArgumentParser(description="User manipulation tool")
|
||||||
|
p_mode = parser.add_subparsers(dest='action', help='action to take')
|
||||||
|
|
||||||
|
p_create = p_mode.add_parser('create', help='create user')
|
||||||
|
p_create.add_argument("-u", "--username", help="username", required=True)
|
||||||
|
p_create.add_argument("-p", "--password", help="password", required=True)
|
||||||
|
|
||||||
|
p_list = p_mode.add_parser('list', help='list users')
|
||||||
|
|
||||||
|
p_delete = p_mode.add_parser('delete', help='delete users')
|
||||||
|
p_delete.add_argument("-u", "--username", help="username", required=True)
|
||||||
|
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
library = PhotoLibrary("photos.db", "./library/", "./cache/")
|
||||||
|
|
||||||
|
if args.action == "create":
|
||||||
|
create_user(library, args.username, args.password)
|
||||||
|
elif args.action == "list":
|
||||||
|
list_users(library)
|
||||||
|
elif args.action == "delete":
|
||||||
|
delete_user(library, args.username)
|
||||||
|
else:
|
||||||
|
parser.print_help()
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
1
setup.py
1
setup.py
|
@ -21,6 +21,7 @@ setup(name='photoapp',
|
||||||
"photovalidate = photoapp.validate:main",
|
"photovalidate = photoapp.validate:main",
|
||||||
"photoinfo = photoapp.image:main",
|
"photoinfo = photoapp.image:main",
|
||||||
"photooffset = photoapp.dateoffset:main",
|
"photooffset = photoapp.dateoffset:main",
|
||||||
|
"photousers = photoapp.users:main",
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
include_package_data=True,
|
include_package_data=True,
|
||||||
|
|
Loading…
Reference in New Issue