|
|
|
@ -13,8 +13,9 @@ class userstatus(enum.Enum):
|
|
|
|
|
|
|
|
|
|
csprng = random.SystemRandom()
|
|
|
|
|
|
|
|
|
|
def add_user(userdb, *, username, password, email, parent, status):
|
|
|
|
|
"""Add a user to the database"""
|
|
|
|
|
def add_user(db, *, username, password, email, parent, status):
|
|
|
|
|
"""Add a user to the database
|
|
|
|
|
Will not commit the changes itself, so run .commit() on the database object yourself"""
|
|
|
|
|
global csprgn
|
|
|
|
|
|
|
|
|
|
assert type(username) == str
|
|
|
|
@ -26,6 +27,9 @@ def add_user(userdb, *, username, password, email, parent, status):
|
|
|
|
|
# Generate a user ID. SQLite uses 64 bit signed ints, so generate at max 2⁶³-1
|
|
|
|
|
userid = csprng.randrange(2**63)
|
|
|
|
|
|
|
|
|
|
# Unicode normalize the username
|
|
|
|
|
username = unicodedata.normalize('NFKC', username)
|
|
|
|
|
|
|
|
|
|
# First unicode normalize the password, then hash it with argon2
|
|
|
|
|
password = unicodedata.normalize('NFKC', password)
|
|
|
|
|
password = argon2.hash(password)
|
|
|
|
@ -34,15 +38,15 @@ def add_user(userdb, *, username, password, email, parent, status):
|
|
|
|
|
status = status.value
|
|
|
|
|
|
|
|
|
|
# Add the user into the database
|
|
|
|
|
cursor = userdb.cursor()
|
|
|
|
|
cursor = db.cursor()
|
|
|
|
|
cursor.execute('PRAGMA foreign_keys = ON;') # Fail if we insert a user with bogus parent field
|
|
|
|
|
cursor.execute('INSERT INTO users VALUES (?, ?, ?, ?, ?, ?, ?);', (userid, parent, status, password, username, email, ''))
|
|
|
|
|
userdb.commit()
|
|
|
|
|
|
|
|
|
|
def initialize_userdb(userdb, admin_user, admin_password):
|
|
|
|
|
"""Creates a bare-bones user database with only admin
|
|
|
|
|
def initialize_users(db, admin_user, admin_password):
|
|
|
|
|
"""Creates a bare-bones user table with only admin user
|
|
|
|
|
This should never be run outside of the initialization script"""
|
|
|
|
|
|
|
|
|
|
cursor = userdb.cursor()
|
|
|
|
|
cursor = db.cursor()
|
|
|
|
|
|
|
|
|
|
cursor.execute('''CREATE TABLE users (
|
|
|
|
|
id integer NOT NULL PRIMARY KEY,
|
|
|
|
@ -55,9 +59,30 @@ def initialize_userdb(userdb, admin_user, admin_password):
|
|
|
|
|
username text NOT NULL,
|
|
|
|
|
email text NOT NULL,
|
|
|
|
|
|
|
|
|
|
comment text NOT NULL
|
|
|
|
|
comment text NOT NULL,
|
|
|
|
|
|
|
|
|
|
FOREIGN KEY(parent) REFERENCES users(id)
|
|
|
|
|
);''')
|
|
|
|
|
|
|
|
|
|
userdb.commit()
|
|
|
|
|
add_user(db, username = admin_user, password = admin_password, email = '', parent = None, status = userstatus.admin)
|
|
|
|
|
|
|
|
|
|
add_user(userdb, username = admin_user, password = admin_password, email = '', parent = None, status = userstatus.admin)
|
|
|
|
|
db.commit()
|
|
|
|
|
|
|
|
|
|
def initialize_boards(db, boards):
|
|
|
|
|
"""Creates a table of boards
|
|
|
|
|
This should never be run outside of the initialization script"""
|
|
|
|
|
|
|
|
|
|
cursor = db.cursor()
|
|
|
|
|
|
|
|
|
|
cursor.execute('''CREATE TABLE boards (
|
|
|
|
|
id integer NOT NULL PRIMARY KEY,
|
|
|
|
|
name text NOT NULL
|
|
|
|
|
);''')
|
|
|
|
|
|
|
|
|
|
# .executemany() wants them in the format [("board1",), ("board2",), …]
|
|
|
|
|
boards = [(board_name,) for board_name in boards]
|
|
|
|
|
|
|
|
|
|
# Use NULL to have SQLite generate the IDs automatically
|
|
|
|
|
cursor.executemany('INSERT INTO boards VALUES (NULL, ?);', boards)
|
|
|
|
|
|
|
|
|
|
db.commit()
|
|
|
|
|