forked from MirrorHub/synapse
52 lines
1.4 KiB
Python
Executable file
52 lines
1.4 KiB
Python
Executable file
#!/usr/bin/env python
|
|
|
|
import argparse
|
|
import getpass
|
|
import sys
|
|
|
|
import bcrypt
|
|
import yaml
|
|
|
|
bcrypt_rounds=12
|
|
password_pepper = ""
|
|
|
|
def prompt_for_pass():
|
|
password = getpass.getpass("Password: ")
|
|
|
|
if not password:
|
|
raise Exception("Password cannot be blank.")
|
|
|
|
confirm_password = getpass.getpass("Confirm password: ")
|
|
|
|
if password != confirm_password:
|
|
raise Exception("Passwords do not match.")
|
|
|
|
return password
|
|
|
|
if __name__ == "__main__":
|
|
parser = argparse.ArgumentParser(
|
|
description="Calculate the hash of a new password, so that passwords"
|
|
" can be reset")
|
|
parser.add_argument(
|
|
"-p", "--password",
|
|
default=None,
|
|
help="New password for user. Will prompt if omitted.",
|
|
)
|
|
parser.add_argument(
|
|
"-c", "--config",
|
|
type=argparse.FileType('r'),
|
|
help="Path to server config file. Used to read in bcrypt_rounds and password_pepper.",
|
|
)
|
|
|
|
args = parser.parse_args()
|
|
if "config" in args and args.config:
|
|
config = yaml.safe_load(args.config)
|
|
bcrypt_rounds = config.get("bcrypt_rounds", bcrypt_rounds)
|
|
password_config = config.get("password_config", {})
|
|
password_pepper = password_config.get("pepper", password_pepper)
|
|
password = args.password
|
|
|
|
if not password:
|
|
password = prompt_for_pass()
|
|
|
|
print bcrypt.hashpw(password + password_pepper, bcrypt.gensalt(bcrypt_rounds))
|