Add add_user function to auth module.

2026-01-28 08:03:36 +00:00 · 2013-11-03 23:39:16 +00:00 · 2013-11-03 23:39:16 +00:00 · dbeb31dfa1
commit dbeb31dfa1
parent 198cea5b58
1 changed files with 29 additions and 0 deletions
--- a/modules/installed/lib/auth.py
+++ b/modules/installed/lib/auth.py
@ -15,6 +15,35 @@ import time

 cfg.session_key = '_cp_username'

+def add_user(username, passphrase, name='', email='', expert=False):
+    error = None
+    if not username: error = "Must specify a username!"
+    if not password: error = "Must specify a password!"
+
+    if error is None:
+        # hash the password whether the user exists, to foil timing
+        # side-channel attacks
+        pass_hash = bcrypt.encrypt(password)
+
+        if username in cfg.users.get_all():
+            error = "User already exists!"
+        else:
+            di = {
+                'username':username,
+                'name':name,
+                'email':email,
+                'expert':'on' if expert else 'off',
+                'groups':['expert'] if expert else [],
+                'passphrase':pass_hash,
+                'salt':pass_hash[7:29], # for bcrypt
+            }
+            new_user = User(di)
+            cfg.users.set(username,newuser)
+
+    if error:
+        cfg.log(error)
+    return error
+
 def check_credentials(username, passphrase):
    """Verifies credentials for username and passphrase.
    Returns None on success or a string describing the error on failure"""