Add the option to disable password login.

Actually resolves GH-1140, finally.
2021-05-23 15:25:33 +02:00 · 2021-05-23 15:25:33 +02:00 · 742f4f825d
parent 04facade82
commit 742f4f825d
3 changed files with 24 additions and 4 deletions
--- a/plugins/User/plugin.py
+++ b/plugins/User/plugin.py
@ -110,6 +110,7 @@ class User(callbacks.Plugin):
        user, or use the identify command to identify just for a session.
        This command (and all other commands that include a password) must be
        sent to the bot privately, not in a channel.
+        Use "!" instead of <password> to disable password authentication.
        """
        addHostmask = True
        try:
@ -132,9 +133,17 @@ class User(callbacks.Plugin):
                return
        except KeyError:
            pass
+
+        if password == "!":
+            password = None
+        elif len(password) < 3:
+            irc.error(_('The password must be at least 3 characters long.'),
+                    Raise=True)
+
        user = ircdb.users.newUser()
        user.name = name
-        user.setPassword(password)
+        if password:
+            user.setPassword(password)
        if addHostmask:
            user.addHostmask(msg.prefix)
        ircdb.users.setUser(user)
--- a/plugins/User/test.py
+++ b/plugins/User/test.py
@ -105,6 +105,14 @@ class UserTestCase(PluginTestCase):
        m = self.irc.takeMsg()
        self.assertFalse(m is not None, m)

+    def testRegisterPasswordLength(self):
+        self.assertRegexp('register foo aa', 'at least 3 characters long.')
+
+    def testRegisterNoPassword(self):
+        self.assertNotError('register foo !')
+        self.assertRegexp('identify foo bar', 'your password is wrong.')
+        self.assertRegexp('identify foo !', 'your password is wrong.')
+
    def testRegisterUnregister(self):
        self.prefix = self.prefix1
        self.assertNotError('register foo bar')
--- a/src/ircdb.py
+++ b/src/ircdb.py
@ -251,16 +251,19 @@ class IrcUser(object):
            return self.capabilities.check(capability, ignoreOwner=ignoreOwner)

    def setPassword(self, password, hashed=False):
-        """Sets the user's password."""
+        """Sets the user's password. If password is None, it will be disabled."""
        if hashed or self.hashed:
            self.hashed = True
-            self.password = utils.saltHash(password)
+            if password is None:
+                self.password = ""
+            else:
+                self.password = utils.saltHash(password)
        else:
            self.password = password

    def checkPassword(self, password):
        """Checks the user's password."""
-        if password is None:
+        if password is None or not self.password:
            return False
        if self.hashed:
            (salt, _) = self.password.split('|')