Merge pull request #246 from trnila/configurable-crypt-scheme

Configurable default password scheme used for passwords
kaiyou
2017-09-03 14:33:03 +02:00
committed by GitHub
4 changed files with 11 additions and 6 deletions


@@ -32,6 +32,10 @@ POSTMASTER=admin
# Docker-compose project name, this will prepended to containers names. # Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME=mailu COMPOSE_PROJECT_NAME=mailu
# Default password scheme used for newly created accounts and changed passwords
# (value: SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
PASSWORD_SCHEME=SHA512-CRYPT
################################### ###################################
# Optional features # Optional features
################################### ###################################
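Review bot: The comment above `PASSWORD_SCHEME` lists `MD5-CRYPT` and `CRYPT` alongside the SHA-2 variants without telling an operator that they are legacy schemes. According to the scheme table in the models section, `CRYPT` maps to `des_crypt`, and traditional DES crypt only uses the first eight characters of a password, so selecting it here weakens every newly set or changed password. I would add a line such as `# MD5-CRYPT and CRYPT are weak legacy schemes; keep SHA512-CRYPT unless compatibility requires otherwise.`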


@@ -30,7 +30,8 @@ default_config = {
'BABEL_DEFAULT_LOCALE': 'en', 'BABEL_DEFAULT_LOCALE': 'en',
'BABEL_DEFAULT_TIMEZONE': 'UTC', 'BABEL_DEFAULT_TIMEZONE': 'UTC',
'ENABLE_CERTBOT': False, 'ENABLE_CERTBOT': False,
'CERTS_PATH': '/certs' 'CERTS_PATH': '/certs',
'PASSWORD_SCHEME': 'SHA512-CRYPT'
} }
# Load configuration from the environment if available # Load configuration from the environment if available


@@ -169,14 +169,14 @@ class User(Base, Email):
'CRYPT': "des_crypt"} 'CRYPT': "des_crypt"}
pw_context = context.CryptContext( pw_context = context.CryptContext(
schemes = scheme_dict.values(), schemes = scheme_dict.values(),
default='sha512_crypt', default=scheme_dict[app.config['PASSWORD_SCHEME']],
) )
def check_password(self, password): def check_password(self, password):
reference = re.match('({[^}]+})?(.*)', self.password).group(2) reference = re.match('({[^}]+})?(.*)', self.password).group(2)
return User.pw_context.verify(password, reference) return User.pw_context.verify(password, reference)
def set_password(self, password, hash_scheme='SHA512-CRYPT', raw=False): def set_password(self, password, hash_scheme=app.config['PASSWORD_SCHEME'], raw=False):
"""Set password for user with specified encryption scheme """Set password for user with specified encryption scheme
@password: plain text password to encrypt (if raw == True the hash itself) @password: plain text password to encrypt (if raw == True the hash itself)
""" """
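Review bot: `scheme_dict[app.config['PASSWORD_SCHEME']]` is evaluated while the `User` class body runs, so a misspelled or lower-case value from the environment surfaces as a bare `KeyError` at import time rather than as a readable configuration error. A check placed before the `CryptContext` call would name the setting and the accepted keys, e.g. `if app.config['PASSWORD_SCHEME'] not in scheme_dict: raise ValueError('PASSWORD_SCHEME must be one of ' + ', '.join(scheme_dict))`. The `hash_scheme=app.config['PASSWORD_SCHEME']` default on `set_password` is likewise bound once at definition time, so a later change to `app.config` will not reach it; a `None` default resolved inside the body would avoid that. Both the class and the body of `set_password` extend outside the hunk.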


@@ -1,4 +1,4 @@
from mailu import manager, db from mailu import app, manager, db
from mailu.admin import models from mailu.admin import models
@@ -35,7 +35,7 @@ def admin(localpart, domain_name, password):
@manager.command @manager.command
def user(localpart, domain_name, password, hash_scheme='SHA512-CRYPT'): def user(localpart, domain_name, password, hash_scheme=app.config['PASSWORD_SCHEME']):
""" Create a user """ Create a user
""" """
domain = models.Domain.query.get(domain_name) domain = models.Domain.query.get(domain_name)
@@ -52,7 +52,7 @@ def user(localpart, domain_name, password, hash_scheme='SHA512-CRYPT'):
db.session.commit() db.session.commit()
@manager.command @manager.command
def user_import(localpart, domain_name, password_hash, hash_scheme='SHA512-CRYPT'): def user_import(localpart, domain_name, password_hash, hash_scheme=app.config['PASSWORD_SCHEME']):
""" Import a user along with password hash. Available hashes: """ Import a user along with password hash. Available hashes:
'SHA512-CRYPT' 'SHA512-CRYPT'
'SHA256-CRYPT' 'SHA256-CRYPT'
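Review bot: In `user_import` the scheme is a property of the hash being imported, not of the site's default, so defaulting `hash_scheme` to `app.config['PASSWORD_SCHEME']` labels any import that omits the argument with whatever the deployment currently uses for new passwords. If the stored scheme label is what downstream consumers read (the function body is outside the hunk, so this is inferred), a SHA512 hash imported on a site configured for another scheme would be mislabelled. I would make the argument required for this command, or keep the explicit `'SHA512-CRYPT'` default here and state it in the docstring. The same definition-time binding appears on `user` in the previous hunk, though there the configured default is the intended value.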