1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-12-23 01:16:18 +00:00

Retab and change header of user.py

This commit is contained in:
Óscar García Amor 2017-08-07 11:11:15 +02:00
parent 04bd88743d
commit a6a37475c2

View File

@ -1,24 +1,17 @@
# coding: utf-8 # -*- coding: utf-8 -*-
# vim:fenc=utf-8
#
# This file is part of Supysonic. # This file is part of Supysonic.
#
# Supysonic is a Python implementation of the Subsonic server API. # Supysonic is a Python implementation of the Subsonic server API.
# Copyright (C) 2013 Alban 'spl0k' Féron
# #
# This program is free software: you can redistribute it and/or modify # Copyright (C) 2013-2017 Alban 'spl0k' Féron
# it under the terms of the GNU Affero General Public License as published by # 2017 Óscar García Amor
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# #
# This program is distributed in the hope that it will be useful, # Distributed under terms of the GNU AGPLv3 license.
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import string, random, hashlib import string
import random
import hashlib
import uuid import uuid
from supysonic.db import User, ChatMessage, Playlist from supysonic.db import User, ChatMessage, Playlist
@ -26,140 +19,140 @@ from supysonic.db import StarredFolder, StarredArtist, StarredAlbum, StarredTrac
from supysonic.db import RatingFolder, RatingTrack from supysonic.db import RatingFolder, RatingTrack
class UserManager: class UserManager:
SUCCESS = 0 SUCCESS = 0
INVALID_ID = 1 INVALID_ID = 1
NO_SUCH_USER = 2 NO_SUCH_USER = 2
NAME_EXISTS = 3 NAME_EXISTS = 3
WRONG_PASS = 4 WRONG_PASS = 4
@staticmethod @staticmethod
def get(store, uid): def get(store, uid):
if type(uid) in (str, unicode): if type(uid) in (str, unicode):
try: try:
uid = uuid.UUID(uid) uid = uuid.UUID(uid)
except: except:
return UserManager.INVALID_ID, None return UserManager.INVALID_ID, None
elif type(uid) is uuid.UUID: elif type(uid) is uuid.UUID:
pass pass
else: else:
return UserManager.INVALID_ID, None return UserManager.INVALID_ID, None
user = store.get(User, uid) user = store.get(User, uid)
if user is None: if user is None:
return UserManager.NO_SUCH_USER, None return UserManager.NO_SUCH_USER, None
return UserManager.SUCCESS, user return UserManager.SUCCESS, user
@staticmethod @staticmethod
def add(store, name, password, mail, admin): def add(store, name, password, mail, admin):
if store.find(User, User.name == name).one(): if store.find(User, User.name == name).one():
return UserManager.NAME_EXISTS return UserManager.NAME_EXISTS
password = UserManager.__decode_password(password) password = UserManager.__decode_password(password)
crypt, salt = UserManager.__encrypt_password(password) crypt, salt = UserManager.__encrypt_password(password)
user = User() user = User()
user.name = name user.name = name
user.mail = mail user.mail = mail
user.password = crypt user.password = crypt
user.salt = salt user.salt = salt
user.admin = admin user.admin = admin
store.add(user) store.add(user)
store.commit() store.commit()
return UserManager.SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def delete(store, uid): def delete(store, uid):
status, user = UserManager.get(store, uid) status, user = UserManager.get(store, uid)
if status != UserManager.SUCCESS: if status != UserManager.SUCCESS:
return status return status
store.find(StarredFolder, StarredFolder.user_id == uid).remove() store.find(StarredFolder, StarredFolder.user_id == uid).remove()
store.find(StarredArtist, StarredArtist.user_id == uid).remove() store.find(StarredArtist, StarredArtist.user_id == uid).remove()
store.find(StarredAlbum, StarredAlbum.user_id == uid).remove() store.find(StarredAlbum, StarredAlbum.user_id == uid).remove()
store.find(StarredTrack, StarredTrack.user_id == uid).remove() store.find(StarredTrack, StarredTrack.user_id == uid).remove()
store.find(RatingFolder, RatingFolder.user_id == uid).remove() store.find(RatingFolder, RatingFolder.user_id == uid).remove()
store.find(RatingTrack, RatingTrack.user_id == uid).remove() store.find(RatingTrack, RatingTrack.user_id == uid).remove()
store.find(ChatMessage, ChatMessage.user_id == uid).remove() store.find(ChatMessage, ChatMessage.user_id == uid).remove()
for playlist in store.find(Playlist, Playlist.user_id == uid): for playlist in store.find(Playlist, Playlist.user_id == uid):
playlist.tracks.clear() playlist.tracks.clear()
store.remove(playlist) store.remove(playlist)
store.remove(user) store.remove(user)
store.commit() store.commit()
return UserManager.SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def try_auth(store, name, password): def try_auth(store, name, password):
password = UserManager.__decode_password(password) password = UserManager.__decode_password(password)
user = store.find(User, User.name == name).one() user = store.find(User, User.name == name).one()
if not user: if not user:
return UserManager.NO_SUCH_USER, None return UserManager.NO_SUCH_USER, None
elif UserManager.__encrypt_password(password, user.salt)[0] != user.password: elif UserManager.__encrypt_password(password, user.salt)[0] != user.password:
return UserManager.WRONG_PASS, None return UserManager.WRONG_PASS, None
else: else:
return UserManager.SUCCESS, user return UserManager.SUCCESS, user
@staticmethod @staticmethod
def change_password(store, uid, old_pass, new_pass): def change_password(store, uid, old_pass, new_pass):
status, user = UserManager.get(store, uid) status, user = UserManager.get(store, uid)
if status != UserManager.SUCCESS: if status != UserManager.SUCCESS:
return status return status
old_pass = UserManager.__decode_password(old_pass) old_pass = UserManager.__decode_password(old_pass)
new_pass = UserManager.__decode_password(new_pass) new_pass = UserManager.__decode_password(new_pass)
if UserManager.__encrypt_password(old_pass, user.salt)[0] != user.password: if UserManager.__encrypt_password(old_pass, user.salt)[0] != user.password:
return UserManager.WRONG_PASS return UserManager.WRONG_PASS
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0] user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
store.commit() store.commit()
return UserManager.SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def change_password2(store, name, new_pass): def change_password2(store, name, new_pass):
user = store.find(User, User.name == name).one() user = store.find(User, User.name == name).one()
if not user: if not user:
return UserManager.NO_SUCH_USER return UserManager.NO_SUCH_USER
new_pass = UserManager.__decode_password(new_pass) new_pass = UserManager.__decode_password(new_pass)
user.password = UserManager.__encrypt_password(new_pass, user.salt)[0] user.password = UserManager.__encrypt_password(new_pass, user.salt)[0]
store.commit() store.commit()
return UserManager.SUCCESS return UserManager.SUCCESS
@staticmethod @staticmethod
def error_str(err): def error_str(err):
if err == UserManager.SUCCESS: if err == UserManager.SUCCESS:
return 'No error' return 'No error'
elif err == UserManager.INVALID_ID: elif err == UserManager.INVALID_ID:
return 'Invalid user id' return 'Invalid user id'
elif err == UserManager.NO_SUCH_USER: elif err == UserManager.NO_SUCH_USER:
return 'No such user' return 'No such user'
elif err == UserManager.NAME_EXISTS: elif err == UserManager.NAME_EXISTS:
return 'There is already a user with that name' return 'There is already a user with that name'
elif err == UserManager.WRONG_PASS: elif err == UserManager.WRONG_PASS:
return 'Wrong password' return 'Wrong password'
else: else:
return 'Unkown error' return 'Unkown error'
@staticmethod @staticmethod
def __encrypt_password(password, salt = None): def __encrypt_password(password, salt = None):
if salt is None: if salt is None:
salt = ''.join(random.choice(string.printable.strip()) for i in xrange(6)) salt = ''.join(random.choice(string.printable.strip()) for i in xrange(6))
return hashlib.sha1(salt + password).hexdigest(), salt return hashlib.sha1(salt + password).hexdigest(), salt
@staticmethod @staticmethod
def __decode_password(password): def __decode_password(password):
if not password.startswith('enc:'): if not password.startswith('enc:'):
return password return password
enc = password[4:] enc = password[4:]
ret = '' ret = ''
while enc: while enc:
ret = ret + chr(int(enc[:2], 16)) ret = ret + chr(int(enc[:2], 16))
enc = enc[2:] enc = enc[2:]
return ret return ret