Added option to create admin users by passing file with username, email and initial password

This commit is contained in:
Simon Pirkelmann 2021-03-21 17:27:01 +01:00
parent bf239edf1d
commit c981161cd7
2 changed files with 20 additions and 3 deletions

View File

@ -9,6 +9,7 @@ parser.add_argument("--token_file", default="/etc/door_tokens", help="path to th
parser.add_argument("--nfc_socket", default="/tmp/nfc.sock", help="socket for handling NFC reader commands") parser.add_argument("--nfc_socket", default="/tmp/nfc.sock", help="socket for handling NFC reader commands")
parser.add_argument("--template_folder", default="templates", help="path to Flask templates folder") parser.add_argument("--template_folder", default="templates", help="path to Flask templates folder")
parser.add_argument("--static_folder", default="static", help="path to Flask static folder") parser.add_argument("--static_folder", default="static", help="path to Flask static folder")
parser.add_argument("--admin_file", help="Path to file for creating initial admin users")
parser.add_argument("--mqtt_host", default="10.10.21.2", help="IP address of MQTT broker") parser.add_argument("--mqtt_host", default="10.10.21.2", help="IP address of MQTT broker")
parser.add_argument("--port", default=80, help="Port for running the Flask server") parser.add_argument("--port", default=80, help="Port for running the Flask server")
parser.add_argument("--mail_server", default="smtp.googlemail.com", help="email server for sending security messages") parser.add_argument("--mail_server", default="smtp.googlemail.com", help="email server for sending security messages")

View File

@ -9,6 +9,7 @@ from flask_security import Security, SQLAlchemyUserDatastore, auth_required, has
from flask_security.models import fsqla_v2 as fsqla from flask_security.models import fsqla_v2 as fsqla
from flask_security.forms import LoginForm, Required, PasswordField from flask_security.forms import LoginForm, Required, PasswordField
from flask_mail import Mail from flask_mail import Mail
from email_validator import validate_email
import bleach import bleach
from datetime import date from datetime import date
@ -101,16 +102,31 @@ def create_application(config):
user_datastore = SQLAlchemyUserDatastore(db, User, Role) user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore, login_form=ExtendedLoginForm) security = Security(app, user_datastore, login_form=ExtendedLoginForm)
# create admin users (only if they don't exists already)
def create_admins(admin_user_file):
with open(admin_user_file) as f:
admin_data = f.readlines()
for i, d in enumerate(admin_data):
try:
user, email, pw = d.split()
if user_datastore.find_user(email=email, username=user) is None:
validate_email(email)
# create new admin (only if admin does not already exist)
user_datastore.create_user(email=email, username=user, password=hash_password(pw))
except Exception as e:
print(f"Error while parsing line {i} in admin config file. Config file should contain lines of "
f"'<username> <email> <password>\\n'\n Exception: {e}\nAdmin account could not be created.")
db.session.commit()
# Create a user to test with # Create a user to test with
@app.before_first_request @app.before_first_request
def create_user(): def create_user():
db.create_all() db.create_all()
if not user_datastore.find_user(email='admin@example.com', username="admin"): if config.admin_file is not None:
user_datastore.create_user(email='admin@example.com', username="admin", password=hash_password("password")) # create admin accounts from given file
create_admins(config.admin_file)
db.session.commit() db.session.commit()
@app.route('/') @app.route('/')
def door_lock(): def door_lock():
return render_template('index.html', door_state=door.state, encoder_position=door.encoder_position) return render_template('index.html', door_state=door.state, encoder_position=door.encoder_position)