import secrets import sys import os sys.path.append(os.path.join(os.path.dirname(__file__), "..")) import argparse from dotenv import load_dotenv from sqlalchemy import select from sqlalchemy.orm import Session from argon2 import PasswordHasher load_dotenv() from app.models import * from app.database import SessionLocal def __get_user_by_email(db: Session, email: str): stmt = select(user.User).where(user.User.email == email) result = db.execute(stmt) return result.scalars().first() def create_user(args): hasher = PasswordHasher(memory_cost=102400) with SessionLocal() as db: db_user = __get_user_by_email(db, args.email) if db_user is not None: print(f'Error: A user with email \'{args.email}\' already exists.') sys.exit(1) hashed_password = hasher.hash(args.password) db_user = user.User( friendly_name=args.name, email=args.email, password=hashed_password ) db.add(db_user) db.commit() print(f'Success: Created user \'{args.email}\'.') def reset_password(args): hasher = PasswordHasher(memory_cost=102400) with SessionLocal() as db: db_user = __get_user_by_email(db, args.email) if db_user is None: print(f'Error: No user with email \'{args.email}\' found.') sys.exit(1) db_user.password = hasher.hash(args.password) db.commit() print(f'Success: Changed password for user \'{args.email}\'.') def set_role(args): with SessionLocal() as db: db_user = __get_user_by_email(db, args.email) if db_user is None: print(f'Error: No user with email \'{args.email}\' found.') sys.exit(1) db_user.role = user.Role(args.role) db.commit() print(f'Success: Role of user \'{args.email}\' changed to \'{db_user.role}\'.') def generate_secret(args): print(f'Your secret: {secrets.token_urlsafe(64)}') if __name__ == "__main__": parser = argparse.ArgumentParser() subparsers = parser.add_subparsers(help="subcommands", required=True) p_create_user = subparsers.add_parser('user_create', help='Create a new user') p_create_user.add_argument('--email', type=str, required=True, help='Email of the new user') p_create_user.add_argument('--password', type=str, required=True, help='Password for the new user') p_create_user.add_argument('--name', type=str, required=False, help='Display name of the new user') p_create_user.add_argument('--role', type=str, choices=('member', 'administrator'), default='member', required=False, help='Role of the new user') p_create_user.set_defaults(func=create_user) p_reset_password = subparsers.add_parser('user_reset_password', help='Reset password for a user') p_reset_password.add_argument('--email', type=str, required=True, help='Email of the user to modify') p_reset_password.add_argument('--password', type=str, required=True, help='New password for the specified user') p_reset_password.set_defaults(func=reset_password) p_set_role = subparsers.add_parser('user_set_role', help='Update role of a user') p_set_role.add_argument('--email', type=str, required=True, help='Email of the user to modify') p_set_role.add_argument('--role', type=str, choices=('member', 'administrator'), required=True, help='New role for the specified user') p_set_role.set_defaults(func=set_role) p_set_role = subparsers.add_parser('generate_secret', help='Generate safe to use secret for token signing') p_set_role.set_defaults(func=generate_secret) args = parser.parse_args() args.func(args)