mirror of
https://gitlab.com/allianceauth/allianceauth.git
synced 2025-07-10 13:00:16 +02:00
* Update ipboard_manager.py * Update market_manager.py * Update mumble_manager.py * Update openfire_manager.py * Update phpbb3_manager.py * Update smf_manager.py
145 lines
6.7 KiB
Python
145 lines
6.7 KiB
Python
import logging
|
|
from django.conf import settings
|
|
import requests
|
|
import os
|
|
|
|
from django.db import connections
|
|
from passlib.hash import bcrypt
|
|
## requires yum install libffi-devel and pip install bcrypt
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
class marketManager:
|
|
|
|
SQL_ADD_USER = r"INSERT INTO fos_user (username, username_canonical, email, email_canonical, enabled, salt, password," \
|
|
r"locked, expired, roles, credentials_expired, characterid, characterName)" \
|
|
r"VALUES (%s, %s, %s, %s, 1,%s, %s, 0, 0, 'a:0:{}', 0, %s, %s) "
|
|
SQL_GET_USER_ID = r"SELECT id FROM fos_user WHERE username = %s"
|
|
SQL_DISABLE_USER = r"UPDATE fos_user SET enabled = '0' WHERE username = %s"
|
|
SQL_ENABLE_USER = r"UPDATE fos_user SET enabled = '1' WHERE username = %s"
|
|
SQL_UPDATE_PASSWORD = r"UPDATE fos_user SET password = %s, salt = %s WHERE username = %s"
|
|
SQL_CHECK_EMAIL = r"SELECT email FROM fos_user WHERE email = %s"
|
|
SQL_CHECK_USERNAME = r"SELECT username FROM fos_user WHERE username = %s"
|
|
SQL_UPDATE_USER = r"UPDATE fos_user SET password = %s, salt = %s, enabled = '1' WHERE username = %s"
|
|
|
|
|
|
@staticmethod
|
|
def __santatize_username(username):
|
|
sanatized = username.replace(" ", "_")
|
|
return sanatized.lower()
|
|
|
|
@staticmethod
|
|
def __generate_random_pass():
|
|
return os.urandom(8).encode('hex')
|
|
|
|
@staticmethod
|
|
def check_username(username):
|
|
logger.debug("Checking alliance market username %s" % username)
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_CHECK_USERNAME, [marketManager.__santatize_username(username)])
|
|
row = cursor.fetchone()
|
|
if row:
|
|
logger.debug("Found user %s on alliance market" % username)
|
|
return True
|
|
logger.debug("User %s not found on alliance market" % username)
|
|
return False
|
|
|
|
@staticmethod
|
|
def check_user_email(username, email):
|
|
logger.debug("Checking if alliance market email exists for user %s" % username)
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_CHECK_EMAIL, [email])
|
|
row = cursor.fetchone()
|
|
if row:
|
|
logger.debug("Found user %s email address on alliance market" % username)
|
|
return True
|
|
logger.debug("User %s email address not found on alliance market" % username)
|
|
return False
|
|
|
|
|
|
@staticmethod
|
|
def add_user(username, email, characterid, charactername):
|
|
logger.debug("Adding new market user %s" % username)
|
|
plain_password = marketManager.__generate_random_pass()
|
|
hash = bcrypt.encrypt(plain_password, rounds=13)
|
|
hash_result = hash
|
|
rounds_striped = hash_result.strip('$2a$13$')
|
|
salt = rounds_striped[:22]
|
|
username_clean = marketManager.__santatize_username(username)
|
|
if marketManager.check_username(username)== False:
|
|
if marketManager.check_user_email(username, email) == False:
|
|
try:
|
|
logger.debug("Adding user %s to alliance market" % username)
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_ADD_USER, [username_clean, username_clean, email, email, salt,
|
|
hash, characterid, charactername])
|
|
return username_clean, plain_password
|
|
except:
|
|
logger.debug("Unsuccessful attempt to add market user %s" % username)
|
|
return "", ""
|
|
else:
|
|
logger.debug("Alliance market email %s already exists Updating instead" % email)
|
|
username_clean, password = marketManager.update_user_info(username)
|
|
return username_clean, password
|
|
else:
|
|
logger.debug("Alliance market username %s already exists Updating instead" % username)
|
|
username_clean, password = marketManager.update_user_info(username)
|
|
return username_clean, password
|
|
|
|
@staticmethod
|
|
def disable_user(username):
|
|
logger.debug("Disabling alliance market user %s " % username)
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_DISABLE_USER, [username])
|
|
return True
|
|
|
|
@staticmethod
|
|
def update_custom_password(username, plain_password):
|
|
logger.debug("Updating alliance market user %s password" % username)
|
|
if marketManager.check_username(username):
|
|
username_clean = marketManager.__santatize_username(username)
|
|
hash = bcrypt.encrypt(plain_password, rounds=13)
|
|
hash_result = hash
|
|
rounds_striped = hash_result.strip('$2a$13$')
|
|
salt = rounds_striped[:22]
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
|
|
return plain_password
|
|
else:
|
|
logger.error("Unable to update alliance market user %s password" % username)
|
|
return ""
|
|
|
|
@staticmethod
|
|
def update_user_password(username):
|
|
logger.debug("Updating alliance market user %s password" % username)
|
|
if marketManager.check_username(username):
|
|
username_clean = marketManager.__santatize_username(username)
|
|
plain_password = marketManager.__generate_random_pass()
|
|
hash = bcrypt.encrypt(plain_password, rounds=13)
|
|
hash_result = hash
|
|
rounds_striped = hash_result.strip('$2a$13$')
|
|
salt = rounds_striped[:22]
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_UPDATE_PASSWORD, [hash, salt, username_clean])
|
|
return plain_password
|
|
else:
|
|
logger.error("Unable to update alliance market user %s password" % username)
|
|
return ""
|
|
|
|
@staticmethod
|
|
def update_user_info(username):
|
|
logger.debug("Updating alliance market user %s" % username)
|
|
try:
|
|
username_clean = marketManager.__santatize_username(username)
|
|
plain_password = marketManager.__generate_random_pass()
|
|
hash = bcrypt.encrypt(plain_password, rounds=13)
|
|
hash_result = hash
|
|
rounds_striped = hash_result.strip('$2a$13$')
|
|
salt = rounds_striped[:22]
|
|
cursor = connections['market'].cursor()
|
|
cursor.execute(marketManager.SQL_UPDATE_USER, [hash, salt, username_clean])
|
|
return username_clean, plain_password
|
|
except:
|
|
logger.debug("Alliance market update user failed for %s" % username)
|
|
return "", ""
|