add users to database

Wolfgang Hottgenroth 2023-02-07 12:17:46 +01:00
parent 096afa6672
commit 588d9270f9
Signed by: wn
GPG Key ID: 836E9E1192A6B132
3 changed files with 45 additions and 2 deletions


@ -127,7 +127,7 @@ The required schema in the database is
topic VARCHAR(256) NOT NULL, topic VARCHAR(256) NOT NULL,
rw INTEGER(1) NOT NULL DEFAULT 1, -- 1 is read, 2 is write, 3 is readwrite, 4 is subscribe rw INTEGER(1) NOT NULL DEFAULT 1, -- 1 is read, 2 is write, 3 is readwrite, 4 is subscribe
PRIMARY KEY (id), PRIMARY KEY (id),
CONSTRAINT `fk_book_author` CONSTRAINT `fk_users_user`
FOREIGN KEY (user) REFERENCES users_t (id) FOREIGN KEY (user) REFERENCES users_t (id)
ON DELETE CASCADE ON DELETE CASCADE
ON UPDATE CASCADE ON UPDATE CASCADE
@ -145,6 +145,10 @@ The password is generated using the `pw` tool provided by mosquitto-go-auth, whi
For further information consult the readme and the examples in the mosquitto-go-auth project (https://github.com/iegomez/mosquitto-go-auth or https://github.com/wollud1969/mosquitto-go-auth). For further information consult the readme and the examples in the mosquitto-go-auth project (https://github.com/iegomez/mosquitto-go-auth or https://github.com/wollud1969/mosquitto-go-auth).
For MariaDB and PostgreSQL there are prepared table create statements in the repository,
For PostgresSQL there is a prepared Python tool in the directory `tools` available to added users into the database.
## Preparing configuration and certificates ## Preparing configuration and certificates


@ -5,15 +5,26 @@ from base64 import b64encode
import argparse import argparse
import secrets import secrets
import string import string
import psycopg2
parser = argparse.ArgumentParser(description='genpw') parser = argparse.ArgumentParser(description='genpw')
parser.add_argument('--length', '-l', parser.add_argument('--length', '-l',
help='Length of auto-generated password', help='Length of auto-generated password',
default='24',
required=False) required=False)
parser.add_argument('--password', '-p', parser.add_argument('--password', '-p',
help='Password', help='Password',
required=False) required=False)
parser.add_argument('--username', '-u',
help='Username',
required=True)
parser.add_argument('--topic', '-t',
help='Initially granted topic',
required=True)
parser.add_argument('--acl', '-a',
help='ACL value for topic, Bit0=read, Bit1=write, Bit2=subscribe',
required=True)
args = parser.parse_args() args = parser.parse_args()
length = args.length length = args.length
@ -32,5 +43,32 @@ hash = b64encode(PBKDF2(password, salt, iterations=iterations, digestmodule=sha5
salt_b64 = b64encode(salt).decode() salt_b64 = b64encode(salt).decode()
pw = f"PBKDF2$sha512${iterations}${salt_b64}${hash}"
print(f"{password=}") print(f"{password=}")
print(f"PBKDF2$sha512${iterations}${salt_b64}${hash}") print(f"hash={pw}")
login = args.username
topic = args.topic
acl = int(args.acl)
conn = psycopg2.connect()
conn.autocommit = False
try:
with conn:
with conn.cursor() as cur:
cur.execute('insert into users_t (username, pw) values(%(username)s, %(pw)s) returning id',
{ 'username': login, 'pw': pw })
res = cur.fetchone()
if res is None:
raise Exception("Unable to add user to database")
id = res[0]
print("User added to database")
with conn.cursor() as cur:
cur.execute('insert into acls_t ("user", topic, rw) values(%(user)s, %(topic)s, %(rw)s)',
{ 'user': id, 'topic': topic, 'rw': acl })
print("ACL added to database")
finally:
if conn:
conn.close()
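Review bot: `acl = int(args.acl)` near the end of the last hunk accepts any integer, so a mistyped value can be stored in `rw` even though it lies outside the bit mask described by the `--acl` help text, and a non-numeric value ends in a bare ValueError traceback. Letting argparse convert and range-check the option rejects such input before anything is written: `parser.add_argument('--acl', '-a', type=int, choices=range(1, 8), ...)`, assuming 0 is not a meaningful grant. The new `default='24'` for `--length` is a string; the code that consumes `length` lies outside the visible hunks, so `type=int, default=24` is a suggestion to check against that code. `psycopg2.connect()` is called without arguments and so takes host, database and credentials from the libpq defaults and environment; a comment such as `# connection parameters come from the PG* environment variables` would tell the operator where they come from.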


@ -1 +1,2 @@
pbkdf2==1.3 pbkdf2==1.3
psycopg2==2.9.5