diff --git a/readme.md b/readme.md
index f90f70f..deecc27 100644
--- a/readme.md
+++ b/readme.md
@@ -127,7 +127,7 @@ The required schema in the database is
 topic VARCHAR(256) NOT NULL,
 rw INTEGER(1) NOT NULL DEFAULT 1, -- 1 is read, 2 is write, 3 is readwrite, 4 is subscribe
 PRIMARY KEY (id),
- CONSTRAINT `fk_book_author`
+ CONSTRAINT `fk_users_user`
 FOREIGN KEY (user) REFERENCES users_t (id) ON DELETE CASCADE ON UPDATE CASCADE
@@ -145,6 +145,10 @@ The password is generated using the `pw` tool provided by mosquitto-go-auth, whi
 For further information consult the readme and the examples in the mosquitto-go-auth project (https://github.com/iegomez/mosquitto-go-auth or https://github.com/wollud1969/mosquitto-go-auth).
+For MariaDB and PostgreSQL there are prepared table create statements in the repository,
+
+For PostgresSQL there is a prepared Python tool in the directory `tools` available to added users into the database.
+
 ## Preparing configuration and certificates
diff --git a/tools/genpw.py b/tools/genpw.py
index 42df04c..b840251 100755
--- a/tools/genpw.py
+++ b/tools/genpw.py
@@ -5,15 +5,26 @@ from base64 import b64encode
 import argparse
 import secrets
 import string
+import psycopg2
 parser = argparse.ArgumentParser(description='genpw')
 parser.add_argument('--length', '-l', help='Length of auto-generated password',
+ default='24',
 required=False)
 parser.add_argument('--password', '-p', help='Password', required=False)
+parser.add_argument('--username', '-u',
+ help='Username',
+ required=True)
+parser.add_argument('--topic', '-t',
+ help='Initially granted topic',
+ required=True)
+parser.add_argument('--acl', '-a',
+ help='ACL value for topic, Bit0=read, Bit1=write, Bit2=subscribe',
+ required=True)
 args = parser.parse_args()
 length = args.length
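Review bot: `--acl` in tools/genpw.py is taken as a free-form string and only converted by `int(args.acl)` in the later hunk, so a non-numeric value ends in a traceback and any integer, including ones the help text does not define, is written to `acls_t.rw` as a grant. Since the help text describes three bits, argparse can enforce that at the boundary with `type=int, choices=range(1, 8),` on the `--acl` argument (adjust the range if 0 or combined values are not meant to be accepted). The new `default='24'` is a string as well; the code that consumes `length` lies outside this hunk, so either confirm it converts the value or declare it as `type=int, default=24,`.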
@@ -32,5 +43,32 @@ hash = b64encode(PBKDF2(password, salt, iterations=iterations, digestmodule=sha5
 salt_b64 = b64encode(salt).decode()
+pw = f"PBKDF2$sha512${iterations}${salt_b64}${hash}"
 print(f"{password=}")
-print(f"PBKDF2$sha512${iterations}${salt_b64}${hash}")
+print(f"hash={pw}")
+
+
+login = args.username
+topic = args.topic
+acl = int(args.acl)
+
+conn = psycopg2.connect()
+conn.autocommit = False
+
+try:
+ with conn:
+ with conn.cursor() as cur:
+ cur.execute('insert into users_t (username, pw) values(%(username)s, %(pw)s) returning id',
+ { 'username': login, 'pw': pw })
+ res = cur.fetchone()
+ if res is None:
+ raise Exception("Unable to add user to database")
+ id = res[0]
+ print("User added to database")
+ with conn.cursor() as cur:
+ cur.execute('insert into acls_t ("user", topic, rw) values(%(user)s, %(topic)s, %(rw)s)',
+ { 'user': id, 'topic': topic, 'rw': acl })
+ print("ACL added to database")
+finally:
+ if conn:
+ conn.close()
diff --git a/tools/requirements.txt b/tools/requirements.txt
index 1566a00..c495770 100644
--- a/tools/requirements.txt
+++ b/tools/requirements.txt
@@ -1 +1,2 @@
 pbkdf2==1.3
+psycopg2==2.9.5
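Review bot: `psycopg2.connect()` in tools/genpw.py is called with no arguments, so the database that receives the new credential and ACL rows is whatever the libpq environment (`PGHOST`, `PGDATABASE`, `PGUSER`, `PGPASSWORD`, or a service/pgpass file) selects, and neither the script nor its output says which one that is. I would document this above the call, e.g. `# connection parameters come from the libpq environment (PGHOST, PGDATABASE, PGUSER, ...)`, and report the target before inserting, e.g. `print(conn.get_dsn_parameters().get('host'), conn.get_dsn_parameters().get('dbname'))`. Separately, the unchanged `print(f"{password=}")` still writes the cleartext password to stdout; now that the hash goes straight into `users_t`, consider printing it only when it was auto-generated (the code that decides this is outside the hunk). The `if res is None` branch looks unreachable, since a successful `insert ... returning id` yields a row and a failing one raises.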