From e42cc814064f47eb88e89a5685dc09f5b8e393de Mon Sep 17 00:00:00 2001
From: Shamil K Muhammed <noteness@disroot.org>
Date: Mon, 29 May 2017 20:32:36 +0530
Subject: [PATCH] Support MySQL database

A new engine variable is added to support switching of the database engine. Currently supports postgresql and mysql databases. This should be enough as mysql and postgres are the only 2 database engines supported by diaspora*.

Closes #1
---
 diaspora_auth_provider.py | 100 ++++++++++++++++++++------------------
 setup.py | 2 +-
 2 files changed, 54 insertions(+), 48 deletions(-)

diff --git a/diaspora_auth_provider.py b/diaspora_auth_provider.py
index 5d012e1..5ab5004 100644
--- a/diaspora_auth_provider.py
+++ b/diaspora_auth_provider.py
@@ -18,22 +18,34 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 from twisted.internet import defer, threads
-import psycopg2
 import bcrypt
 import logging
-__VERSION__ = "0.0.3"
+__VERSION__ = "0.0.4"
 logger = logging.getLogger(__name__)
 class DiasporaAuthProvider:
- __version__ = "0.0.3"
+ __version__ = "0.0.4"
 def __init__(self, config, account_handler):
 self.account_handler = account_handler
 self.config = config
+ if self.config.engine == "mysql":
+ import pymysql
+ self.module = pymysql
+ elif self.config.engine == 'postgres':
+ import psycopg2
+ self.module = psycopg2
+ self.connection = self.module.connect(
+ database=self.config.db_name,
+ user=self.config.db_username,
+ password=self.config.db_password,
+ host=self.config.db_host,
+ port=self.config.db_port
+ )
 @defer.inlineCallbacks
 def check_password(self, user_id, password):
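Review bot: An `engine` value other than "mysql" or "postgres" matches neither branch in `__init__`, so `self.module` is never assigned and the following `self.module.connect(...)` raises `AttributeError` instead of a configuration error; add `else: raise ValueError("unsupported database engine: {!r}".format(self.config.engine))` after the `elif`. The lazy `import pymysql` also has no matching entry in `install_requires`: the setup.py section of this patch changes only the description line and the visible list still names `psycopg2` alone, so a MySQL deployment would fail at start-up unless PyMySQL was installed by hand. The connection is now opened once for the provider's lifetime, and nothing visible here re-opens it if the database drops it, in which case every later login would be rejected until the process restarts.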
@@ -43,50 +55,43 @@ class DiasporaAuthProvider:
 local_part = user_id.split(':', 1)[0][1:]
 logger.info("Checking if user {} exists.".format(local_part))
 try:
- with psycopg2.connect(
- dbname=self.config.db_name,
- user=self.config.db_username,
- password=self.config.db_password,
- host=self.config.db_host,
- port=self.config.db_port
- ) as connection:
- with connection.cursor() as cursor:
- yield threads.deferToThread( # Don't think this is needed, but w/e
- cursor.execute,
- "SELECT username, encrypted_password FROM users WHERE username=%s",
- (local_part,)
- )
- user = yield threads.deferToThread(
- cursor.fetchone
- )
- # check if the user exists.
- if not user:
- logger.info("User {} does not exist. Rejecting auth request".format(local_part))
- defer.returnValue(False)
- logger.debug("User {} exists. Checking password".format(local_part))
- # user exists, check if the password is correct.
- encrypted_password = user[1]
- peppered_pass = "{}{}".format(password, self.config.pepper)
- if not (bcrypt.hashpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8')) \
- == encrypted_password.encode('utf8')):
- logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part))
- defer.returnValue(False)
- # Ok, user's password is correct. check if the user exists in the homeserver db.
- # and create it if doesn't exist.
- if (yield self.account_handler.check_user_exists(user_id)):
- logger.info("User {} does exist in synapse db. Authentication complete".format(local_part))
- defer.returnValue(True)
- # User not in synapse db. need to create it.
- logger.info("User {} does not exist in synapse db. creating it.".format(local_part))
- user_id, access_token = (
- yield self.account_handler.register(localpart=local_part)
- )
- logger.info(
- "Registration based on diaspora complete. UserID: {}.".format(user_id)
- )
- logger.info("Confirming authentication request.")
- defer.returnValue(True)
- except psycopg2.Error as e:
+ with self.connection.cursor() as cursor:
+ yield threads.deferToThread( # Don't think this is needed, but w/e
+ cursor.execute,
+ "SELECT username, encrypted_password FROM users WHERE username=%s",
+ (local_part,)
+ )
+ user = yield threads.deferToThread(
+ cursor.fetchone
+ )
+ # check if the user exists.
+ if not user:
+ logger.info("User {} does not exist. Rejecting auth request".format(local_part))
+ defer.returnValue(False)
+ logger.debug("User {} exists. Checking password".format(local_part))
+ # user exists, check if the password is correct.
+ encrypted_password = user[1]
+ peppered_pass = "{}{}".format(password, self.config.pepper)
+ if not (bcrypt.hashpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8'))
+ == encrypted_password.encode('utf8')):
+ logger.info("Password given for {} is wrong. Rejecting auth request.".format(local_part))
+ defer.returnValue(False)
+ # Ok, user's password is correct. check if the user exists in the homeserver db.
+ # and create it if doesn't exist.
+ if (yield self.account_handler.check_user_exists(user_id)):
+ logger.info("User {} does exist in synapse db. Authentication complete".format(local_part))
+ defer.returnValue(True)
+ # User not in synapse db. need to create it.
+ logger.info("User {} does not exist in synapse db. creating it.".format(local_part))
+ user_id, access_token = (
+ yield self.account_handler.register(localpart=local_part)
+ )
+ logger.info(
+ "Registration based on diaspora complete. UserID: {}.".format(user_id)
+ )
+ logger.info("Confirming authentication request.")
+ defer.returnValue(True)
+ except self.module.Error as e:
 logger.warning("Error during diaspora authentication: {}".format(e))
 defer.returnValue(False)
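Review bot: The lookup in `check_password` now runs on the long-lived `self.connection` and never ends its transaction, whereas the removed `with psycopg2.connect(...) as connection:` block committed or rolled back on exit. On PostgreSQL a failed statement leaves the transaction aborted, so after one `self.module.Error` later queries on that connection would keep failing and logins would be rejected; on MySQL, assuming PyMySQL's default of autocommit off and InnoDB's default REPEATABLE READ, later SELECTs may keep reading the first snapshot and miss a changed password or a removed user. End each attempt with `finally: self.connection.rollback()` on the `try`, or enable autocommit on the connection. Separately, `bcrypt.hashpw(...) == encrypted_password.encode('utf8')` is an ordinary bytes comparison; `bcrypt.checkpw(peppered_pass.encode('utf8'), encrypted_password.encode('utf8'))`, where the installed bcrypt provides it, performs the same check with a constant-time compare. `check_password` begins above this hunk.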
@@ -95,6 +100,7 @@ class DiasporaAuthProvider:
 class _Conf:
 pass
 Conf = _Conf()
+ Conf.engine = config['database']['engine']
 Conf.db_name = "diaspora_production" if not config['database']['name'] else config['database']['name']
 Conf.db_host = config['database']['host']
 Conf.db_port = config['database']['port']
diff --git a/setup.py b/setup.py
index 33f56c1..515990c 100644
--- a/setup.py
+++ b/setup.py
@@ -46,7 +46,7 @@ setup(
 version=exec_file("diaspora_auth_provider.py", "__VERSION__"),
 py_modules=["diaspora_auth_provider"],
- description="An LDAP3 auth provider for Synapse",
+ description="A Diaspora* auth provider for Synapse",
 install_requires=[
 "Twisted>=15.1.0",
 "psycopg2",
--
GitLab
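Review bot: `Conf.engine = config['database']['engine']` in the `@@ -95,6 +100,7 @@` hunk of diaspora_auth_provider.py raises `KeyError` for any configuration written before this patch, when the key did not exist and PostgreSQL was the only engine. Defaulting keeps those deployments working and lets the value be checked once at parse time: `Conf.engine = config['database'].get('engine', 'postgres')`, followed by a check that it is "mysql" or "postgres" with a clear error otherwise. The enclosing config-parsing function starts and ends outside the hunk, so a default applied elsewhere would not be visible here.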