PyLink/coremods/login.py

"""
login.py - Implement core login abstraction.
"""

from pylinkirc import conf, utils, world
from pylinkirc.log import log

try:
    from passlib.context import CryptContext
except ImportError:
    CryptContext = None
    log.warning("Hashed passwords are disabled because passlib is not installed. Please install "
                "it (pip3 install passlib) and restart for this feature to work.")

pwd_context = None
if CryptContext:
    pwd_context = CryptContext(["sha512_crypt", "sha256_crypt"],
                               sha256_crypt__default_rounds=180000,
                               sha512_crypt__default_rounds=90000)

def _get_account(accountname):
    """
    Returns the login data block for the given account name (case-insensitive), or False if none
    exists.
    """
    accounts = {k.lower(): v for k, v in
                conf.conf['login'].get('accounts', {}).items()}

    try:
        return accounts[accountname.lower()]
    except KeyError:
        return False

def check_login(user, password):
    """Checks whether the given user and password is a valid combination."""
    account = _get_account(user)

    if account:
        passhash = account.get('password')
        if not passhash:
            # No password given, return. XXX: we should allow plugins to override
            # this in the future.
            return False

        # Hashing in account passwords is optional.
        if account.get('encrypted', False):
            return verify_hash(password, passhash)
        else:
            return password == passhash

    return False

def verify_hash(password, passhash):
    """Checks whether the password given matches the hash."""
    if password:
        if not pwd_context:
            raise utils.NotAuthorizedError("Cannot log in to an account with a hashed password "
                                           "because passlib is not installed.")

        return pwd_context.verify(password, passhash)
    return False  # No password given!

def _irc_try_login(irc, source, username, skip_checks=False):
    """Internal function to process logins via IRC."""
    if irc.is_internal_client(source):
        irc.error("Cannot use 'identify' via a command proxy.")
        return

    if not skip_checks:
        logindata = _get_account(username)

        network_filter = logindata.get('networks')
        require_oper = logindata.get('require_oper', False)
        hosts_filter = logindata.get('hosts', [])

        if network_filter and irc.name not in network_filter:
            log.warning("(%s) Failed login to %r from %s (wrong network: networks filter says %r but we got %r)",
                        irc.name, username, irc.get_hostmask(source), ', '.join(network_filter), irc.name)
            raise utils.NotAuthorizedError("Account is not authorized to login on this network.")

        elif require_oper and not irc.is_oper(source):
            log.warning("(%s) Failed login to %r from %s (needs oper)", irc.name, username, irc.get_hostmask(source))
            raise utils.NotAuthorizedError("You must be opered.")

        elif hosts_filter and not any(irc.match_host(host, source) for host in hosts_filter):
            log.warning("(%s) Failed login to %r from %s (hostname mismatch)", irc.name, username, irc.get_hostmask(source))
            raise utils.NotAuthorizedError("Hostname mismatch.")

    irc.users[source].account = username
    irc.reply('Successfully logged in as %s.' % username)
    log.info("(%s) Successful login to %r by %s",
             irc.name, username, irc.get_hostmask(source))
    return True

def identify(irc, source, args):
    """<username> <password>

    Logs in to PyLink using the configured administrator account."""
    if irc.is_channel(irc.called_in):
        irc.reply('Error: This command must be sent in private. '
                  '(Would you really type a password inside a channel?)')
        return
    try:
        username, password = args[0], args[1]
    except IndexError:
        irc.reply('Error: Not enough arguments.')
        return

    # Process new-style accounts.
    if check_login(username, password):
        _irc_try_login(irc, source, username)
        return

    # Process legacy logins (login:user).
    if username.lower() == conf.conf['login'].get('user', '').lower() and password == conf.conf['login'].get('password'):
        realuser = conf.conf['login']['user']
        _irc_try_login(irc, source, realuser, skip_checks=True)
        return

    # Username not found or password incorrect.
    log.warning("(%s) Failed login to %r from %s", irc.name, username, irc.get_hostmask(source))
    raise utils.NotAuthorizedError('Bad username or password.')

utils.add_cmd(identify, aliases=('login', 'id'))
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00			`"""`
Switch 'identify' to use the new login backend, add passlib to README dependencies This new backend supports optional encryption (sha256_crypt / sha512_crypt via passlib). Closes #322. 2016-11-20 02:00:18 +01:00			`login.py - Implement core login abstraction.`
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00			`"""`

			`from pylinkirc import conf, utils, world`
			`from pylinkirc.log import log`
core: update "missing dependencies" errors Closes #363. 2016-12-10 02:15:53 +01:00
			`try:`
			`from passlib.context import CryptContext`
			`except ImportError:`
core: make passlib an optional dependency 2017-01-23 01:16:25 +01:00			`CryptContext = None`
			`log.warning("Hashed passwords are disabled because passlib is not installed. Please install "`
			`"it (pip3 install passlib) and restart for this feature to work.")`
login: Use a slightly faster CryptContext 2016-11-20 02:47:55 +01:00
core: make passlib an optional dependency 2017-01-23 01:16:25 +01:00			`pwd_context = None`
			`if CryptContext:`
			`pwd_context = CryptContext(["sha512_crypt", "sha256_crypt"],`
			`sha256_crypt__default_rounds=180000,`
			`sha512_crypt__default_rounds=90000)`
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`def _get_account(accountname):`
			`"""`
			`Returns the login data block for the given account name (case-insensitive), or False if none`
			`exists.`
			`"""`
			`accounts = {k.lower(): v for k, v in`
			`conf.conf['login'].get('accounts', {}).items()}`
Switch 'identify' to use the new login backend, add passlib to README dependencies This new backend supports optional encryption (sha256_crypt / sha512_crypt via passlib). Closes #322. 2016-11-20 02:00:18 +01:00
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00			`try:`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`return accounts[accountname.lower()]`
			`except KeyError:`
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00			`return False`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
			`def check_login(user, password):`
			`"""Checks whether the given user and password is a valid combination."""`
			`account = _get_account(user)`

			`if account:`
Switch 'identify' to use the new login backend, add passlib to README dependencies This new backend supports optional encryption (sha256_crypt / sha512_crypt via passlib). Closes #322. 2016-11-20 02:00:18 +01:00			`passhash = account.get('password')`
			`if not passhash:`
			`# No password given, return. XXX: we should allow plugins to override`
			`# this in the future.`
			`return False`
Import coremods/login.py (abstracted login checking) from @IotaSpencer's repo 2016-11-20 01:29:39 +01:00
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`# Hashing in account passwords is optional.`
Switch 'identify' to use the new login backend, add passlib to README dependencies This new backend supports optional encryption (sha256_crypt / sha512_crypt via passlib). Closes #322. 2016-11-20 02:00:18 +01:00			`if account.get('encrypted', False):`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`return verify_hash(password, passhash)`
Switch 'identify' to use the new login backend, add passlib to README dependencies This new backend supports optional encryption (sha256_crypt / sha512_crypt via passlib). Closes #322. 2016-11-20 02:00:18 +01:00			`else:`
			`return password == passhash`
Simplify/rewrite the login module 2016-11-20 01:29:53 +01:00
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`return False`

			`def verify_hash(password, passhash):`
Simplify/rewrite the login module 2016-11-20 01:29:53 +01:00			`"""Checks whether the password given matches the hash."""`
			`if password:`
core: make passlib an optional dependency 2017-01-23 01:16:25 +01:00			`if not pwd_context:`
			`raise utils.NotAuthorizedError("Cannot log in to an account with a hashed password "`
			`"because passlib is not installed.")`
Simplify/rewrite the login module 2016-11-20 01:29:53 +01:00
core: make passlib an optional dependency 2017-01-23 01:16:25 +01:00			`return pwd_context.verify(password, passhash)`
			`return False # No password given!`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`def _irc_try_login(irc, source, username, skip_checks=False):`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`"""Internal function to process logins via IRC."""`
			`if irc.is_internal_client(source):`
			`irc.error("Cannot use 'identify' via a command proxy.")`
			`return`

login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`if not skip_checks:`
			`logindata = _get_account(username)`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`network_filter = logindata.get('networks')`
			`require_oper = logindata.get('require_oper', False)`
			`hosts_filter = logindata.get('hosts', [])`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`if network_filter and irc.name not in network_filter:`
			`log.warning("(%s) Failed login to %r from %s (wrong network: networks filter says %r but we got %r)",`
			`irc.name, username, irc.get_hostmask(source), ', '.join(network_filter), irc.name)`
			`raise utils.NotAuthorizedError("Account is not authorized to login on this network.")`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
coremods, plugins, protocols: drop now redundant allowAuthed=False in is_oper() calls 2018-06-12 08:56:44 +02:00			`elif require_oper and not irc.is_oper(source):`
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`log.warning("(%s) Failed login to %r from %s (needs oper)", irc.name, username, irc.get_hostmask(source))`
			`raise utils.NotAuthorizedError("You must be opered.")`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`elif hosts_filter and not any(irc.match_host(host, source) for host in hosts_filter):`
			`log.warning("(%s) Failed login to %r from %s (hostname mismatch)", irc.name, username, irc.get_hostmask(source))`
			`raise utils.NotAuthorizedError("Hostname mismatch.")`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00
			`irc.users[source].account = username`
			`irc.reply('Successfully logged in as %s.' % username)`
			`log.info("(%s) Successful login to %r by %s",`
			`irc.name, username, irc.get_hostmask(source))`
			`return True`

			`def identify(irc, source, args):`
			`"""<username> <password>`

			`Logs in to PyLink using the configured administrator account."""`
			`if irc.is_channel(irc.called_in):`
			`irc.reply('Error: This command must be sent in private. '`
			`'(Would you really type a password inside a channel?)')`
			`return`
			`try:`
			`username, password = args[0], args[1]`
			`except IndexError:`
			`irc.reply('Error: Not enough arguments.')`
			`return`

			`# Process new-style accounts.`
			`if check_login(username, password):`
			`_irc_try_login(irc, source, username)`
			`return`

			`# Process legacy logins (login:user).`
			`if username.lower() == conf.conf['login'].get('user', '').lower() and password == conf.conf['login'].get('password'):`
			`realuser = conf.conf['login']['user']`
login: fix login for legacy accounts (#590) 2018-05-26 10:27:12 +02:00			`_irc_try_login(irc, source, realuser, skip_checks=True)`
Rewrite login handling (Closes #590) * Move identify command and login helpers into coremods.login - corecommands._login -> login._irc_try_login * Add login._get_account() function to consistently fetch login block info * Rename functions in coremods.login to snake case: - checkLogin -> check_login - verifyHash -> verify_hash * Replace explicit returns in login checks with raising utils.NotAuthorizedError() 2018-05-26 08:50:55 +02:00			`return`

			`# Username not found or password incorrect.`
			`log.warning("(%s) Failed login to %r from %s", irc.name, username, irc.get_hostmask(source))`
			`raise utils.NotAuthorizedError('Bad username or password.')`

			`utils.add_cmd(identify, aliases=('login', 'id'))`