BluemediaDev
e5c5e94989
All checks were successful
ci/woodpecker/push/docker Pipeline was successful
87 lines
3.6 KiB
Python
87 lines
3.6 KiB
Python
import secrets
|
|
import sys
|
|
import os
|
|
sys.path.append(os.path.join(os.path.dirname(__file__), ".."))
|
|
|
|
import argparse
|
|
from dotenv import load_dotenv
|
|
|
|
from sqlalchemy import select
|
|
from sqlalchemy.orm import Session
|
|
from argon2 import PasswordHasher
|
|
|
|
load_dotenv()
|
|
|
|
from app.models import *
|
|
from app.database import SessionLocal
|
|
|
|
def __get_user_by_email(db: Session, email: str):
|
|
stmt = select(user.User).where(user.User.email == email)
|
|
result = db.execute(stmt)
|
|
return result.scalars().first()
|
|
|
|
def create_user(args):
|
|
hasher = PasswordHasher(memory_cost=102400)
|
|
with SessionLocal() as db:
|
|
db_user = __get_user_by_email(db, args.email)
|
|
if db_user is not None:
|
|
print(f'Error: A user with email \'{args.email}\' already exists.')
|
|
sys.exit(1)
|
|
hashed_password = hasher.hash(args.password)
|
|
db_user = user.User(
|
|
friendly_name=args.name, email=args.email, password=hashed_password
|
|
)
|
|
db.add(db_user)
|
|
db.commit()
|
|
print(f'Success: Created user \'{args.email}\'.')
|
|
|
|
def reset_password(args):
|
|
hasher = PasswordHasher(memory_cost=102400)
|
|
with SessionLocal() as db:
|
|
db_user = __get_user_by_email(db, args.email)
|
|
if db_user is None:
|
|
print(f'Error: No user with email \'{args.email}\' found.')
|
|
sys.exit(1)
|
|
db_user.password = hasher.hash(args.password)
|
|
db.commit()
|
|
print(f'Success: Changed password for user \'{args.email}\'.')
|
|
|
|
def set_role(args):
|
|
with SessionLocal() as db:
|
|
db_user = __get_user_by_email(db, args.email)
|
|
if db_user is None:
|
|
print(f'Error: No user with email \'{args.email}\' found.')
|
|
sys.exit(1)
|
|
db_user.role = user.Role(args.role)
|
|
db.commit()
|
|
print(f'Success: Role of user \'{args.email}\' changed to \'{db_user.role}\'.')
|
|
|
|
def generate_secret(args):
|
|
print(f'Your secret: {secrets.token_urlsafe(64)}')
|
|
|
|
if __name__ == "__main__":
|
|
parser = argparse.ArgumentParser()
|
|
subparsers = parser.add_subparsers(help="subcommands", required=True)
|
|
|
|
p_create_user = subparsers.add_parser('user_create', help='Create a new user')
|
|
p_create_user.add_argument('--email', type=str, required=True, help='Email of the new user')
|
|
p_create_user.add_argument('--password', type=str, required=True, help='Password for the new user')
|
|
p_create_user.add_argument('--name', type=str, required=False, help='Display name of the new user')
|
|
p_create_user.add_argument('--role', type=str, choices=('member', 'administrator'), default='member', required=False, help='Role of the new user')
|
|
p_create_user.set_defaults(func=create_user)
|
|
|
|
p_reset_password = subparsers.add_parser('user_reset_password', help='Reset password for a user')
|
|
p_reset_password.add_argument('--email', type=str, required=True, help='Email of the user to modify')
|
|
p_reset_password.add_argument('--password', type=str, required=True, help='New password for the specified user')
|
|
p_reset_password.set_defaults(func=reset_password)
|
|
|
|
p_set_role = subparsers.add_parser('user_set_role', help='Update role of a user')
|
|
p_set_role.add_argument('--email', type=str, required=True, help='Email of the user to modify')
|
|
p_set_role.add_argument('--role', type=str, choices=('member', 'administrator'), required=True, help='New role for the specified user')
|
|
p_set_role.set_defaults(func=set_role)
|
|
|
|
p_set_role = subparsers.add_parser('generate_secret', help='Generate safe to use secret for token signing')
|
|
p_set_role.set_defaults(func=generate_secret)
|
|
|
|
args = parser.parse_args()
|
|
args.func(args)
|