diff --git a/bin/launch_webadmin b/bin/launch_webadmin index 40ec4d9..d110a46 100755 --- a/bin/launch_webadmin +++ b/bin/launch_webadmin @@ -9,6 +9,7 @@ parser.add_argument("--token_file", default="/etc/door_tokens", help="path to th parser.add_argument("--nfc_socket", default="/tmp/nfc.sock", help="socket for handling NFC reader commands") parser.add_argument("--template_folder", default="templates", help="path to Flask templates folder") parser.add_argument("--static_folder", default="static", help="path to Flask static folder") +parser.add_argument("--admin_file", help="Path to file for creating initial admin users") parser.add_argument("--mqtt_host", default="10.10.21.2", help="IP address of MQTT broker") parser.add_argument("--port", default=80, help="Port for running the Flask server") parser.add_argument("--mail_server", default="smtp.googlemail.com", help="email server for sending security messages") diff --git a/imaginaerraum_door_admin/webapp.py b/imaginaerraum_door_admin/webapp.py index 9c63a4f..398514a 100644 --- a/imaginaerraum_door_admin/webapp.py +++ b/imaginaerraum_door_admin/webapp.py @@ -9,6 +9,7 @@ from flask_security import Security, SQLAlchemyUserDatastore, auth_required, has from flask_security.models import fsqla_v2 as fsqla from flask_security.forms import LoginForm, Required, PasswordField from flask_mail import Mail +from email_validator import validate_email import bleach from datetime import date 
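Review bot: The help text of the new `--admin_file` option in bin/launch_webadmin does not say what the file must contain or that it holds cleartext passwords. Going by the parsing added in webapp.py (`user, email, pw = d.split()`), each line is whitespace-separated username, email and password, so a password cannot contain spaces. The file should be readable only by the service account and removed or emptied once the accounts exist. A help string such as `help="Path to file with one '<username> <email> <password>' line per initial admin; holds cleartext passwords, restrict its permissions"` would document both points.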
@@ -101,16 +102,31 @@ def create_application(config): user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore, login_form=ExtendedLoginForm) + # create admin users (only if they don't exists already) + def create_admins(admin_user_file): + with open(admin_user_file) as f: + admin_data = f.readlines() + for i, d in enumerate(admin_data): + try: + user, email, pw = d.split() + if user_datastore.find_user(email=email, username=user) is None: + validate_email(email) + # create new admin (only if admin does not already exist) + user_datastore.create_user(email=email, username=user, password=hash_password(pw)) + except Exception as e: + print(f"Error while parsing line {i} in admin config file. Config file should contain lines of " + f"' \\n'\n Exception: {e}\nAdmin account could not be created.") + db.session.commit() # Create a user to test with @app.before_first_request def create_user(): db.create_all() - if not user_datastore.find_user(email='admin@example.com', username="admin"): - user_datastore.create_user(email='admin@example.com', username="admin", password=hash_password("password")) + if config.admin_file is not None: + # create admin accounts from given file + create_admins(config.admin_file) db.session.commit() - @app.route('/') def door_lock(): return render_template('index.html', door_state=door.state, encoder_position=door.encoder_position)
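Review bot: The `except Exception` in `create_admins` covers the `d.split()` parse, `validate_email` and the `find_user`/`create_user` calls alike, so a datastore failure is printed as a malformed config line and the account is skipped while start-up carries on. `validate_email(email)` also runs only after the lookup, and by default the email_validator library performs a DNS deliverability check, which adds a network dependency to the first request and can reject addresses whose domain does not resolve from the device. Validating before `find_user` with `check_deliverability=False` and catching `ValueError` (the unpack error and `EmailNotValidError` both derive from it) keeps the parse step separate, leaving datastore errors to be reported as what they are. The `find_user(email=email, username=user)` lookup presumably matches only when both fields agree, so a line reusing just one of them may fail at `db.session.commit()`, whose position relative to the `try` is not clear from this view. `create_admins` is nested in `create_application`, whose body begins outside the hunk.

```python
for i, d in enumerate(admin_data):
    try:
        user, email, pw = d.split()
        validate_email(email, check_deliverability=False)  # syntax check only, no DNS lookup
    except ValueError as e:  # wrong field count, or EmailNotValidError
        print(f"Skipping line {i} of admin file: {e}")
        continue
    # … unchanged: find_user lookup and create_user call …
```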