diff --git a/diaspora_auth_provider.py b/diaspora_auth_provider.py
index 5d012e12e673a417afa79b756fd4b736a09aad64..5ab5004dfaba4d0ff108dfe0be9c6a83fa9cf048 100644
--- a/diaspora_auth_provider.py
+++ b/diaspora_auth_provider.py
@@ -18,22 +18,34 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
from twisted.internet import defer, threads
-import psycopg2
import bcrypt
import logging
-__VERSION__ = "0.0.3"
+__VERSION__ = "0.0.4"
logger = logging.getLogger(__name__)
class DiasporaAuthProvider:
- __version__ = "0.0.3"
+ __version__ = "0.0.4"
def __init__(self, config, account_handler):
self.account_handler = account_handler
self.config = config
+ if self.config.engine == "mysql":
+ import pymysql
+ self.module = pymysql
+ elif self.config.engine == 'postgres':
+ import psycopg2
+ self.module = psycopg2
+ self.connection = self.module.connect(
+ database=self.config.db_name,
+ user=self.config.db_username,
+ password=self.config.db_password,
+ host=self.config.db_host,
+ port=self.config.db_port
+ )
@defer.inlineCallbacks
def check_password(self, user_id, password):
@@ -43,50 +55,43 @@ class DiasporaAuthProvider:
local_part = user_id.split(':', 1)[0][1:]
logger.info("Checking if user {} exists.".format(local_part))
try:
- with psycopg2.connect(
- dbname=self.config.db_name,
- user=self.config.db_username,
- password=self.config.db_password,
- host=self.config.db_host,
- port=self.config.db_port
- ) as connection:
- with connection.cursor() as cursor:
- yield threads.deferToThread( # Don't think this is needed, but w/e
- cursor.execute,
- "SELECT username, encrypted_password FROM users WHERE username=%s",
- (local_part,)
- )
- user = yield threads.deferToThread(
- cursor.fetchone
- )
- # check if the user exists.
- if not user:
- logger.info("User {} does not exist. Rejecting auth request".format(local_part))
- defer.returnValue(False)
- logger.debug("User {} exists. Checking password".format(local_part))
- # user exists, check if the password is correct.
- encrypted_password = user[1]
- peppered_pass = "{}{}".format(password, self.config.pepper)
- if not (bcrypt.hashpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8')) \
- == encrypted_password.encode('utf8')):
- logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part))
- defer.returnValue(False)
- # Ok, user's password is correct. check if the user exists in the homeserver db.
- # and create it if doesn't exist.
- if (yield self.account_handler.check_user_exists(user_id)):
- logger.info("User {} does exist in synapse db. Authentication complete".format(local_part))
- defer.returnValue(True)
- # User not in synapse db. need to create it.
- logger.info("User {} does not exist in synapse db. creating it.".format(local_part))
- user_id, access_token = (
- yield self.account_handler.register(localpart=local_part)
- )
- logger.info(
- "Registration based on diaspora complete. UserID: {}.".format(user_id)
- )
- logger.info("Confirming authentication request.")
- defer.returnValue(True)
- except psycopg2.Error as e:
+ with self.connection.cursor() as cursor:
+ yield threads.deferToThread( # Don't think this is needed, but w/e
+ cursor.execute,
+ "SELECT username, encrypted_password FROM users WHERE username=%s",
+ (local_part,)
+ )
+ user = yield threads.deferToThread(
+ cursor.fetchone
+ )
+ # check if the user exists.
+ if not user:
+ logger.info("User {} does not exist. Rejecting auth request".format(local_part))
+ defer.returnValue(False)
+ logger.debug("User {} exists. Checking password".format(local_part))
+ # user exists, check if the password is correct.
+ encrypted_password = user[1]
+ peppered_pass = "{}{}".format(password, self.config.pepper)
+ if not (bcrypt.hashpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8'))
+ == encrypted_password.encode('utf8')):
+ logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part))
+ defer.returnValue(False)
+ # Ok, user's password is correct. check if the user exists in the homeserver db.
+ # and create it if doesn't exist.
+ if (yield self.account_handler.check_user_exists(user_id)):
+ logger.info("User {} does exist in synapse db. Authentication complete".format(local_part))
+ defer.returnValue(True)
+ # User not in synapse db. need to create it.
+ logger.info("User {} does not exist in synapse db. creating it.".format(local_part))
+ user_id, access_token = (
+ yield self.account_handler.register(localpart=local_part)
+ )
+ logger.info(
+ "Registration based on diaspora complete. UserID: {}.".format(user_id)
+ )
+ logger.info("Confirming authentication request.")
+ defer.returnValue(True)
+ except self.module.Error as e:
logger.warning("Error during diaspora authentication: {}".format(e))
defer.returnValue(False)
@@ -95,6 +100,7 @@ class DiasporaAuthProvider:
class _Conf:
pass
Conf = _Conf()
+ Conf.engine = config['database']['engine']
Conf.db_name = "diaspora_production" if not config['database']['name'] else config['database']['name']
Conf.db_host = config['database']['host']
Conf.db_port = config['database']['port']
diff --git a/setup.py b/setup.py
index 33f56c1949b8c430583e445c8bb6f6250c7dbf44..515990cb5000739b6aa4291e32c1dac6a05bf0b4 100644
--- a/setup.py
+++ b/setup.py
@@ -46,7 +46,7 @@ setup(
version=exec_file("diaspora_auth_provider.py", "__VERSION__"),
py_modules=["diaspora_auth_provider"],
- description="An LDAP3 auth provider for Synapse",
+ description="A Diaspora* auth provider for Synapse",
install_requires=[
"Twisted>=15.1.0",
"psycopg2",