Baguette/authd
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Baguette:22cea49f03f665109aa5971b4e83a5fe62d94cbf
Branches Tags
Baguette:main
..
compare: Baguette:ebcedc44ce0f81f8ef221fc6218a124faf5bce85
Branches Tags
Baguette:main

No commits in common. "22cea49f03f665109aa5971b4e83a5fe62d94cbf" and "ebcedc44ce0f81f8ef221fc6218a124faf5bce85" have entirely different histories.
22cea49f03 ... ebcedc44ce

3 changed files with 48 additions and 111 deletions
Show stats Expand all files Collapse all files

28
man/authctl.1
View file

@ -134,69 +134,65 @@ Subcommands:
.Bl -tag -width "change-password" -compact .Bl -tag -width "change-password" -compact
.It Li add .It Li add
Adding a user to the DB. Adding a user to the DB.
.br .It ""
.Nm add .Nm add
.Ar login .Ar login
.Ar email-address .Ar email-address
.It Li migrate .It Li migrate
Adding a user from old code base. Adding a user from old code base.
.br .It ""
.Nm migrate .Nm migrate
.Ar login .Ar login
.Ar hashed-password-old-algorithm .Ar hashed-password-old-algorithm
.It Li mod .It Li mod
Modify a user account. Modify a user account.
.br .It ""
.Nm mod .Nm mod
.Ar userid .Ar userid
.Bq Fl e Ar email | Fl P Ar profile .Bq Fl e Ar email | Fl P Ar profile
.It Li change-password .It Li change-password
Change the password of a user (requires admin). Change the password of a user (requires admin).
.br .It ""
.Nm change-password .Nm change-password
.Ar userid .Ar userid
.It Li delete .It Li delete
Remove user. Remove user.
.br .It ""
.Nm delete .Nm delete
.Ar userid .Ar userid
.Op Ar userid...
.It Li validate .It Li validate
Validate user. Validate user.
.br .It ""
.Nm validate .Nm validate
.Ar login .Ar login
.Ar activation-key .Ar activation-key
.It Li get .It Li get
Get user info. Get user info.
.br .It ""
.Nm get .Nm get
.Ar login .Ar login
.Op Ar login...
.It Li search .It Li search
Search user. Search user.
.br .It ""
.Nm search .Nm search
.Ar login .Ar login
.Op Ar login...
.It Li recover .It Li recover
Recover user password. Recover user password.
.br .It ""
.Nm recover .Nm recover
.Ar login .Ar login
.Op Ar login...
.It Li register .It Li register
Register a user (requires activation from the token sent by email). Register a user (requires activation from the token sent by email).
.br .It ""
.Nm register .Nm register
.Ar login .Ar login
.Ar email-address .Ar email-address
@ -219,7 +215,7 @@ permission set user-id application resource permission
.br .br
Available permissions: Available permissions:
.Em none read edit admin . .Em none read edit admin .
.br .It ""
Example: Example:
.Nm authctl .Nm authctl
.Ar permission set 1000 dnsmanager .Ar permission set 1000 dnsmanager
@ -231,7 +227,7 @@ permission check user-id application resource
.br .br
Available permissions: Available permissions:
.Em none read edit admin . .Em none read edit admin .
.br .It ""
Example: Example:
.Nm authctl .Nm authctl
.Ar permission check 1000 forum .Ar permission check 1000 forum

63
src/better-parser.cr
View file

@ -35,35 +35,18 @@ opt_email = -> (parser : OptionParser) {
# Unrecognized parameters are used to create commands with multiple arguments. # Unrecognized parameters are used to create commands with multiple arguments.
# Example: user add _login email phone_ # Example: user add login email
# Here, login, email and phone are unrecognized arguments. # Here, login and email are unrecognized arguments.
# Still, the "user add" command expect them. # Still, the "user add" command expect them.
unrecognized_args_to_context_args = -> (parser : OptionParser, unrecognized_args_to_context_args = -> (parser : OptionParser, n_expected_args : Int32) {
nexact : Int32?,
at_least : Int32?) {
# With the right args, these will be interpreted as serialized data. # With the right args, these will be interpreted as serialized data.
parser.unknown_args do |args| parser.unknown_args do |args|
if args.size != n_expected_args
# either we test with the exact expected number of arguments or the least. Baguette::Log.error "expected number of arguments: #{n_expected_args}, received: #{args.size}"
if exact = nexact Baguette::Log.error "args: #{args}"
if args.size != exact
Baguette::Log.error "Wrong number of parameters: expected #{exact}, got #{args.size}"
Baguette::Log.error "#{parser}" Baguette::Log.error "#{parser}"
exit 1 exit 1
end end
elsif least = at_least
if args.size < least
Baguette::Log.error "Wrong number of parameters: expected at least #{least}, got #{args.size}"
Baguette::Log.error "#{parser}"
exit 1
end
else
Baguette::Log.error "Number of parameters not even provided!"
Baguette::Log.error "#{parser}"
exit 1
end
args.each do |arg| args.each do |arg|
Baguette::Log.debug "Unrecognized argument: #{arg} (adding to Context.args)" Baguette::Log.debug "Unrecognized argument: #{arg} (adding to Context.args)"
if Context.args.nil? if Context.args.nil?
@ -93,7 +76,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# login email # login email
unrecognized_args_to_context_args.call parser, 2, nil unrecognized_args_to_context_args.call parser, 2
end end
parser.on "exit", "Kill the service." do parser.on "exit", "Kill the service." do
@ -102,7 +85,7 @@ parser = OptionParser.new do |parser|
Context.command = "exit" Context.command = "exit"
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
unrecognized_args_to_context_args.call parser, 0, nil unrecognized_args_to_context_args.call parser, 0
end end
parser.on "migration-script", "Add a batch of users from old code base." do parser.on "migration-script", "Add a batch of users from old code base." do
@ -113,7 +96,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# user-db.txt # user-db.txt
unrecognized_args_to_context_args.call parser, 1, nil unrecognized_args_to_context_args.call parser, 1
end end
parser.on "user", "Operations on users." do parser.on "user", "Operations on users." do
@ -127,7 +110,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# login email # login email
unrecognized_args_to_context_args.call parser, 2, nil unrecognized_args_to_context_args.call parser, 2
end end
parser.on "migrate", "Add a user from old code base." do parser.on "migrate", "Add a user from old code base." do
@ -138,7 +121,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# login password-hash-brkn # login password-hash-brkn
unrecognized_args_to_context_args.call parser, 2, nil unrecognized_args_to_context_args.call parser, 2
end end
parser.on "mod", "Modify a user account." do parser.on "mod", "Modify a user account." do
@ -150,7 +133,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# userid # userid
unrecognized_args_to_context_args.call parser, 1, nil unrecognized_args_to_context_args.call parser, 1
end end
parser.on "change-password", "Change the password of a user (requires admin)." do parser.on "change-password", "Change the password of a user (requires admin)." do
@ -162,18 +145,18 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# userid # userid
unrecognized_args_to_context_args.call parser, 1, nil unrecognized_args_to_context_args.call parser, 1
end end
parser.on "delete", "Remove user." do parser.on "delete", "Remove user." do
parser.banner = "Usage: user delete userid [userid ...]" parser.banner = "Usage: user delete userid [opt]"
Baguette::Log.info "Remove user." Baguette::Log.info "Remove user."
Context.command = "user-delete" Context.command = "user-delete"
# You can either be the owner of the account, or an admin. # You can either be the owner of the account, or an admin.
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
# userid # userid
unrecognized_args_to_context_args.call parser, nil, 1 unrecognized_args_to_context_args.call parser, 1
end end
parser.on "validate", "Validate user." do parser.on "validate", "Validate user." do
@ -183,7 +166,7 @@ parser = OptionParser.new do |parser|
# No need to be authenticated. # No need to be authenticated.
opt_help.call parser opt_help.call parser
# login activation-key # login activation-key
unrecognized_args_to_context_args.call parser, 2, nil unrecognized_args_to_context_args.call parser, 2
end end
parser.on "get", "Get user info." do parser.on "get", "Get user info." do
@ -193,17 +176,17 @@ parser = OptionParser.new do |parser|
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
# login # login
unrecognized_args_to_context_args.call parser, nil, 1 unrecognized_args_to_context_args.call parser, 1
end end
parser.on "search", "Search user." do parser.on "search", "Search user." do
parser.banner = "Usage: user search login [login...]" parser.banner = "Usage: user search login [opt]"
Baguette::Log.info "Search user." Baguette::Log.info "Search user."
Context.command = "user-search" Context.command = "user-search"
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
# login # login
unrecognized_args_to_context_args.call parser, nil, 1 unrecognized_args_to_context_args.call parser, 1
end end
parser.on "recover", "Recover user password." do parser.on "recover", "Recover user password." do
@ -213,7 +196,7 @@ parser = OptionParser.new do |parser|
# No need to be authenticated. # No need to be authenticated.
opt_help.call parser opt_help.call parser
# login # login
unrecognized_args_to_context_args.call parser, nil, 1 unrecognized_args_to_context_args.call parser, 1
end end
@ -225,7 +208,7 @@ parser = OptionParser.new do |parser|
opt_profile.call parser opt_profile.call parser
opt_help.call parser opt_help.call parser
# login email # login email
unrecognized_args_to_context_args.call parser, 2, nil unrecognized_args_to_context_args.call parser, 2
end end
end end
@ -243,7 +226,7 @@ END
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
# userid application resource permission # userid application resource permission
unrecognized_args_to_context_args.call parser, 4, nil unrecognized_args_to_context_args.call parser, 4
end end
parser.on "check", "Check permissions." do parser.on "check", "Check permissions." do
@ -258,7 +241,7 @@ END
opt_authd_login.call parser opt_authd_login.call parser
opt_help.call parser opt_help.call parser
# userid application resource # userid application resource
unrecognized_args_to_context_args.call parser, 3, nil unrecognized_args_to_context_args.call parser, 3
end end
end end

58
src/client.cr
View file

@ -1,4 +1,3 @@
require "baguette-crystal-base"
require "option_parser" require "option_parser"
require "yaml" require "yaml"
require "./authd.cr" require "./authd.cr"
@ -243,13 +242,12 @@ class Actions
def user_deletion def user_deletion
args = Context.args.not_nil! args = Context.args.not_nil!
args.each do |u| userid = args[0].to_u32
Baguette::Log.info "Removing user #{u}"
userid = u.to_u32
res = authd.delete userid res = authd.delete userid
puts res puts res
end end
end
def user_validation def user_validation
args = Context.args.not_nil! args = Context.args.not_nil!
@ -258,22 +256,19 @@ class Actions
end end
def user_search def user_search
args = Context.args.not_nil! args = Context.args.not_nil!
args.each do |login| login = args[0]
pp! authd.search_user login pp! authd.search_user login
end end
end
def user_get def user_get
args = Context.args.not_nil! args = Context.args.not_nil!
args.each do |login| login = args[0]
pp! authd.get_user? login pp! authd.get_user? login
end end
end
def user_recovery def user_recovery
args = Context.args.not_nil! args = Context.args.not_nil!
args.each do |login| login = args[0]
pp! authd.ask_password_recovery login pp! authd.ask_password_recovery login
end end
end
def permission_check def permission_check
args = Context.args.not_nil! args = Context.args.not_nil!
@ -310,26 +305,6 @@ def main
# Authd connection. # Authd connection.
authd = AuthD::Client.new authd = AuthD::Client.new
# Read configuration.
simulation, no_configuration, configuration_file = Baguette::Configuration.option_parser
# Authd configuration.
authentication_config = if no_configuration
Baguette::Log.info "do not load a configuration file."
Baguette::Configuration::Auth.new
else
# Configuration file is for dnsmanagerd.
Baguette::Configuration::Auth.get || Baguette::Configuration::Auth.new
end
# FIXME I guess: why isn't this working?
#Baguette::Configuration.verbosity = authentication_config.verbosity
if key_file = authentication_config.secret_key_file
authentication_config.secret_key = File.read(key_file).chomp
end
# TODO: when I have the time, clean up this redundant piece of code. In the meantime, it works.
if login = Context.authd_login if login = Context.authd_login
pass = if p = Context.authd_pass pass = if p = Context.authd_pass
p p
@ -342,28 +317,11 @@ def main
case response case response
when Response::Login when Response::Login
uid = response.uid uid = response.uid
#token = response.token token = response.token
Baguette::Log.info "Authenticated as #{login} #{uid}" Baguette::Log.info "Authenticated as #{login} #{uid}, token: #{token}"
else else
raise "Cannot authenticate to authd with login #{login}: #{response}." raise "Cannot authenticate to authd with login #{login}: #{response}."
end end
else
Baguette::Log.info "no authd login from CLI."
if authentication_config.login.nil? || authentication_config.pass.nil?
Baguette::Log.info "no authd login from configuration either."
else
login = authentication_config.login.not_nil!
pass = authentication_config.pass.not_nil!
response = authd.login? login, pass
case response
when Response::Login
uid = response.uid
#token = response.token
Baguette::Log.info "Authenticated as #{login} #{uid}"
else
raise "Cannot authenticate to authd with login #{login}: #{response}."
end
end
end end
actions = Actions.new authd actions = Actions.new authd