From bcf99f1c0ca14d817f8cf235814b5fcbc9ea5a43 Mon Sep 17 00:00:00 2001
From: Michael Elkins <melkins@tislabs.com>
Date: Fri, 29 Oct 2010 17:59:15 +0000
Subject: adduser now adds the user to the apache password file if not already
 present

svn path=/portal-gui/scripts/adduser.py; revision=3512
---
 portal-gui/scripts/adduser.py | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)


diff --git a/portal-gui/scripts/adduser.py b/portal-gui/scripts/adduser.py
index 22454823..f5740ba9 100755
--- a/portal-gui/scripts/adduser.py
+++ b/portal-gui/scripts/adduser.py
@@ -24,6 +24,24 @@ from rpkigui.myrpki.models import Conf, Parent
 
 import os
 import sys
+import hashlib
+import getpass
+
+# FIXME: hardcoded for now
+realm = 'myrpki'
+
+def user_has_password(passfile, username):
+    'returns True if username is found in the specified password file'
+    with open(passfile,'r') as f:
+        for line in f:
+            if line.split(':')[0] == username:
+                return True
+    return False
+
+def update_apache_auth_file(passfile, username, realm, password):
+    ha1 = hashlib.md5("%s:%s:%s" % (username, realm, password)).hexdigest()
+    with open(passfile, 'a') as f:
+        f.write("%s:%s:%s\n" % (username, realm, ha1))
 
 if __name__ == '__main__':
     if len(sys.argv) < 3:
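Review bot: `user_has_password` calls `open(passfile,'r')`, which raises IOError when the digest file does not exist yet, so a first run on a fresh install would fail before any user can be added; a missing file should count as "no such user". In `update_apache_auth_file`, `open(passfile, 'a')` creates the file with whatever the umask allows, yet each stored HA1 value is enough by itself to answer a Digest challenge for that realm, so the file should be created with a restrictive mode (which group the web server needs is an assumption to confirm). The username is also written unvalidated, and a `:` or line break in it would corrupt the entry or add an extra one. The lookup also compares only the first field and ignores the realm column. The sketch below covers the first three points; the `if __name__` block that calls these functions continues outside the hunk.

```python
def user_has_password(passfile, username):
    'returns True if username is found in the specified password file'
    if not os.path.exists(passfile):
        return False  # no digest file yet, so nobody has an entry
    # ... unchanged: line-by-line scan for username ...

def update_apache_auth_file(passfile, username, realm, password):
    if ':' in username or '\n' in username or '\r' in username:
        raise ValueError('username must not contain ":" or line breaks')
    # ... unchanged: ha1 computation ...
    # HA1 is password-equivalent for Digest auth: do not rely on the umask
    fd = os.open(passfile, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o640)
    with os.fdopen(fd, 'a') as f:
        f.write("%s:%s:%s\n" % (username, realm, ha1))
```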
@@ -86,4 +104,19 @@ prefix_csv=%(path)s/prefixes.csv""" % { 'path': myrpki_dir }
             with open(fname, 'w') as f:
                 pass # just create an empty file
 
+    # add a password for this user to the apache passwd file if not present
+
+    #determine where the passwd file is likely to reside
+    # <prefix>/portal-gui/scripts/adduser.py
+    path = os.path.realpath(sys.argv[0])
+    prefix = '/'.join(path.split('/')[:-2]) # strip trailing components
+    passfile = prefix+'/htpasswd'
+    print 'passfile=', passfile
+    if not user_has_password(passfile, username):
+        print 'adding user to apache password file'
+        password = getpass.getpass()
+        update_apache_auth_file(passfile, username, realm, password)
+    else:
+        print 'user is already present in apache password file'
+
 # vim:sw=4 ts=8
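Review bot: `password = getpass.getpass()` accepts whatever is typed once, so an empty or mistyped password is hashed and appended without any check; prompting twice and rejecting an empty value, e.g. `confirm = getpass.getpass('Confirm password: ')` followed by `if not password or password != confirm: sys.exit('password empty or mismatch')`, closes that gap. The digest file is placed two directories above the script (next to `scripts/`), derived from `sys.argv[0]`; whether that directory is reachable through Apache is not visible here, so it is worth confirming that the file cannot be fetched over HTTP. As a style point, `os.path.dirname(os.path.dirname(path))` expresses the two-level strip more clearly than splitting on '/'. The enclosing `if __name__ == '__main__':` block starts outside this hunk.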
-- 
cgit v1.2.3