add check function for logged-in clients
This commit is contained in:
parent
690826ace1
commit
a5a1d943b0
30
clientsdb.py
30
clientsdb.py
|
|
@ -25,11 +25,11 @@ def addclient(vmid, vmname, clientid, clientname, clientemail, vmpass):
|
|||
salt = bcrypt.gensalt()
|
||||
b_newpass = newpass.encode('ascii')
|
||||
encpasswd = bcrypt.hashpw(b_newpass, salt).decode('ascii')
|
||||
vcard = { 'name':str(clientname), 'email':str(clientemail), 'encpasswd':str(encpasswd) }
|
||||
vcard = { 'name':str(clientname), 'email':str(clientemail), 'encpasswd':str(encpasswd), 'id':str(clientid) }
|
||||
newclient = { str(clientid):vcard }
|
||||
clientsdb.update(newclient)
|
||||
#Send initial email to the user as we will use the internal auth from now on.
|
||||
###utils.sendmail(clientemail, 'W{} logged in.'.format)
|
||||
###utils.sendmail(clientemail, '{} logged in.'.format)
|
||||
#TODO: Sync with proxmaster-admin database (shell command could be used for this one)
|
||||
ioconfig.logger.info('client[{}]> vmid {} is now owned by {} ({})'.format(clientid, vmid, clientemail, clientname))
|
||||
|
||||
|
|
@ -66,9 +66,20 @@ def setencpasswd(clientemail, newpass):
|
|||
#TODO: Send new email to the client to notify the password change. This time sending the password in plain text is not needed.
|
||||
|
||||
|
||||
def check(clientid):
|
||||
""" return list of owned vmids if client id matches the client database. (logged-in users)"""
|
||||
#1. search for the client
|
||||
try:
|
||||
clientsdb = readclientsdb()
|
||||
c_id = clientsdb[str(clientid)]
|
||||
return clientvms(clientsdb[c_id])
|
||||
except:
|
||||
ioconfig.logger.error('clients> user id: {} could not be checked.'.format(clientid))
|
||||
return None
|
||||
|
||||
|
||||
def validate(clientemail, password):
|
||||
""" return list of owned vmids or false if credentials match an user form the database.
|
||||
useful for authing extrnal admin panels """
|
||||
""" return list of owned vmids if credentials match an user from the database. (fresh logins)"""
|
||||
#1. search for the client
|
||||
try:
|
||||
clientsdb = readclientsdb()
|
||||
|
|
@ -76,9 +87,9 @@ def validate(clientemail, password):
|
|||
c_id = str(path[0])
|
||||
#ioconfig.logger.info('client[{}]> path={}'.format(c_id, str(path)))
|
||||
except:
|
||||
ioconfig.logger.warning('clients> {} was not found in the database!'.format(clientemail))
|
||||
ioconfig.logger.error('clients> {} was not found in the database!'.format(clientemail))
|
||||
#log bad ips here...
|
||||
return {}
|
||||
return None
|
||||
|
||||
#2. check the password
|
||||
encpass = clientsdb[c_id]['encpasswd']
|
||||
|
|
@ -95,16 +106,11 @@ def validate(clientemail, password):
|
|||
ioconfig.logger.warning('clients> {} access denied!'.format(clientemail))
|
||||
#cant compare password
|
||||
#TODO: Log attempts and block.
|
||||
return {}
|
||||
return None
|
||||
|
||||
|
||||
def clientvms(vmlist):
|
||||
""" generate vmlist """
|
||||
#clear unused objects. perhaps there is a better way to do this but im kinda anxious today...
|
||||
vmlist.pop('name')
|
||||
vmlist.pop('email')
|
||||
vmlist.pop('encpasswd')
|
||||
|
||||
response = {}
|
||||
for vmid,data in vmlist.items():
|
||||
response[vmid] = data
|
||||
|
|
|
|||
Loading…
Reference in a new issue