Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
2778fd5
orbit: hyperspace: do_bcrypt_hash: remove get parameter
charliemirabile May 1, 2024
2599121
orbit: hyperspace: remove ability to perform bcrypt hash
charliemirabile May 1, 2024
c6ce16f
orbit: hyperspace: remove unused -e option
charliemirabile May 1, 2024
f0536e7
orbit: hyperspace: remove ability to query for session by token
charliemirabile May 1, 2024
d057efa
orbit: hyperspace: remove ability to query specific user
charliemirabile May 1, 2024
ee7d9fb
orbit: hyperspace: remove ability to create sessions
charliemirabile May 1, 2024
957023f
orbit: hyperspace: remove ability to validate credentials
charliemirabile May 1, 2024
409d7af
orbit: hyperspace: only print output on error for action commands
charliemirabile May 1, 2024
dc15d1e
orbit: hyperspace: reorder args to group session and user commands
charliemirabile May 1, 2024
e432468
orbit: hyperspace: improve help output when no action is specified
charliemirabile May 1, 2024
9f11d30
orbit: hyperspace: improve need
charliemirabile May 1, 2024
ac5d7eb
orbit: radius: replace ad-hoc generation of tokens
charliemirabile May 1, 2024
aeb668c
orbit: radius: remove encode and decode helpers
charliemirabile May 1, 2024
8b58352
orbit: radius: cgit: prefer bytes.decode over str constructor
charliemirabile May 1, 2024
ec901b5
orbit: radius: inline form welcome buttons
charliemirabile May 1, 2024
d756be7
orbit: radius: upgrade login form to function
charliemirabile May 1, 2024
827541f
orbit: radius: inline register response
charliemirabile May 1, 2024
f9c3dfb
orbit: radius: inline form register
charliemirabile May 1, 2024
d83e5ef
orbit: radius: remove mk_table helper
charliemirabile May 1, 2024
da8ab4d
orbit: radius: remove unused str and repr functions
charliemirabile May 1, 2024
7e0afe2
orbit: radius: rocket: remove unused properties
charliemirabile May 1, 2024
e8e0ca0
orbit: get dependencies from `apk` instead of `pip`
charliemirabile May 1, 2024
025ac96
orbit: remove old files
charliemirabile May 1, 2024
57f2e4a
orbit: Containerfile: set workdir and prefer relative paths
charliemirabile May 1, 2024
0f3e606
orbit/submatrix: Containerfile: prefer array form of CMD instruction
charliemirabile May 1, 2024
9d311d8
orbit: Containerfile: only `chown` files that orbit needs to write
charliemirabile May 1, 2024
c06da56
orbit: Copy from additional contexts directly into final stage
charliemirabile May 1, 2024
f1515af
orbit: Containerfile: put orbit code in `/usr/local/share`
charliemirabile May 1, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion container-compose-dev.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,5 +17,5 @@ services:
volumes:
- type: bind
source: ./kdlp.underground.software
target: /orbit/docs
target: /usr/local/share/orbit/docs
read_only: true
1 change: 0 additions & 1 deletion orbit/.dockerignore

This file was deleted.

46 changes: 16 additions & 30 deletions orbit/Containerfile
Original file line number Diff line number Diff line change
@@ -1,24 +1,14 @@
FROM alpine:3.19 AS build

RUN apk update && apk upgrade && apk add \
python3-dev \
py3-pip \
build-base \
libffi-dev \
py3-peewee \
envsubst \
;

COPY requirements.txt /requirements.txt
RUN python3 -m venv /radius-venv && \
source /radius-venv/bin/activate && \
pip install -r requirements.txt && \
:

COPY . /orbit
WORKDIR /orbit
COPY . /usr/local/share/orbit
WORKDIR /usr/local/share/orbit

RUN mkdir -p /var/orbit/ && \
source /radius-venv/bin/activate && \
./db.py \
:

Expand All @@ -29,35 +19,31 @@ RUN test -n "$orbit_version_info" || (echo 'version info is not set' && false) &
rm config.py.template \
;

RUN mkdir \
/var/git \
/orbit/docs \
/etc/cgit \
;

COPY --from=orbit_singularity_git_dir . /var/git/singularity
COPY --from=orbit_docs_source . /orbit/docs
COPY --from=orbit_repos_source . /etc/cgit

FROM alpine:3.19 AS orbit

RUN apk update && apk upgrade && apk add \
python3 \
py3-bcrypt \
py3-peewee \
py3-markdown \
uwsgi-python3 \
uwsgi-http \
cgit \
;

COPY --from=build /orbit /orbit
COPY --from=build /radius-venv /radius-venv
WORKDIR /usr/local/share/orbit

COPY --from=build /usr/local/share/orbit /usr/local/share/orbit
COPY --from=orbit_docs_source . ./docs
COPY --from=build /var/orbit /var/orbit
COPY --from=build /var/git /var/git
COPY --from=build /etc/cgit /etc/cgit
COPY --from=orbit_singularity_git_dir . /var/git/singularity
COPY --from=orbit_repos_source . /etc/cgit

COPY cgitrc /etc/cgitrc

RUN chown -R 100:100 /orbit /radius-venv /var/orbit /var/git
RUN chown -R 100:100 /var/orbit

USER 100:100

EXPOSE 9098

CMD /bin/sh -c "source /radius-venv/bin/activate && uwsgi /orbit/radius.ini"
CMD ["uwsgi", "--plugin", "python,http", "./radius.ini"]
6 changes: 0 additions & 6 deletions orbit/README.md

This file was deleted.

5 changes: 2 additions & 3 deletions orbit/config.py
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
version_info = '${orbit_version_info}'

# read these documents from a filesystem path
orbit_root = '/orbit'
doc_root = f'{orbit_root}/docs'
doc_header = f'{orbit_root}/header.html'
doc_root = './docs'
doc_header = './header.html'
database = '/var/orbit/orbit.db'

# duration of authentication token validity period
Expand Down
4 changes: 0 additions & 4 deletions orbit/dev-requirements.txt

This file was deleted.

100 changes: 18 additions & 82 deletions orbit/hyperspace.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,85 +8,45 @@

# internal imports
import config
from radius import Session


def errx(msg):
print(msg, file=sys.stderr)
exit(1)


def need(a, u=False, p=False, t=False):
def need(a, u=False, p=False):
needed = []
if u and a.username is None:
errx("Need username. Bye.")
needed.append('username')
if p and a.password is None:
errx("Need password. Bye.")
if t and a.token is None:
errx("Need token. Bye.")
needed.append('password')
if needed:
errx(f"Need {' and '.join(needed)}. Bye.")


def nou(u):
errx(f'no such user "{u}". Bye.')


def do_query_username(args):
need(args, u=True)
if not (user := db.User.get_or_none(db.User.username == args.username)):
nou(args.username)
print(f'Username : {user.username}\n'
f'Hashed Password : {user.pwdhash}\n'
f'Student ID : {user.student_id}')


def do_validate_token(args):
need(args, t=True)
Comment thread
charliemirabile marked this conversation as resolved.

ses = db.Session.get_or_none(db.Session.token == args.token)
if ses:
print(ses.username)
else:
print('null')


def do_drop_session(args):
need(args, u=True)
query = (db.Session
.delete()
.where(db.Session.username == args.username)
.returning(db.Session))

if ses := next(iter(query.execute()), None):
print(ses.username)
else:
print('null')


def do_create_session(args):
need(args, u=True)
ses = Session(username=args.username)
print(ses.token)

.where(db.Session.username == args.username))

def do_validate_creds(args):
need(args, u=True, p=True)
if not (user := db.User.get_or_none(db.User.username == args.username)):
nou(args.username)
if not bcrypt.checkpw(args.password.encode('utf-8'),
user.pwdhash.encode('utf-8')):
print('null')
return
print(f'credentials(username: {args.username}, password:{args.password})')
if query.execute() < 1:
errx('No session belonging to that user found')


def do_change_password(args):
need(args, u=True, p=True)
new_hash = do_bcrypt_hash(args, get=True)
new_hash = do_bcrypt_hash(args)
query = (db.User
.update({db.User.pwdhash: new_hash})
.where(db.User.username == args.username))
if query.execute() < 1:
nou(args.username)
Comment thread
charliemirabile marked this conversation as resolved.
print(f'credentials(username: {args.username}, password:{args.password})')


def do_delete_user(args):
Expand All @@ -96,30 +56,24 @@ def do_delete_user(args):
.where(db.User.username == args.username))
if query.execute() < 1:
nou(args.username)
print(args.username)


def do_bcrypt_hash(args, get=False):
def do_bcrypt_hash(args):
Comment thread
charliemirabile marked this conversation as resolved.
need(args, p=True)
res = str(bcrypt.hashpw(bytes(args.password, "UTF-8"),
bcrypt.gensalt()), "UTF-8")
if get:
return res
else:
print(res)
return bcrypt.hashpw(args.password.encode('utf-8'),
bcrypt.gensalt()).decode('utf-8')


def do_newuser(args):
need(args, u=True, p=True)
new_hash = do_bcrypt_hash(args, get=True)
new_hash = do_bcrypt_hash(args)
try:
db.User.create(username=args.username, pwdhash=new_hash,
student_id=args.studentid)
if args.studentid:
db.Registration.create(username=args.username,
password=args.password,
student_id=args.studentid)
do_validate_creds(args)
except db.peewee.IntegrityError as e:
errx(f'cannot create user with duplicate field: "{e}"')

Expand All @@ -145,9 +99,6 @@ def hyperspace_main(raw_args):
parser.add_argument('-u', '--username', help='Username to operate with')
parser.add_argument('-p', '--password', help='Password to operate with')
parser.add_argument('-i', '--studentid', help='Student ID to operate with')
parser.add_argument('-t', '--token', help='Token to operate with')
parser.add_argument('-e', '--exercise',
help='Assignment/Exercise to operate with')

actions = parser.add_mutually_exclusive_group()
actions.add_argument('-r', '--roster', action='store_const',
Expand All @@ -156,39 +107,24 @@ def hyperspace_main(raw_args):
actions.add_argument('-n', '--newuser', action='store_const',
help='Create a new user from supplied credentials',
dest='do', const=do_newuser)
actions.add_argument('-s', '--session', action='store_const',
help='Check valitity of supplied token',
dest='do', const=do_validate_token)
actions.add_argument('-d', '--dropsession', action='store_const',
help='Drop any existing valid session for supplied username', # NOQA: E501
dest='do', const=do_drop_session)
actions.add_argument('-c', '--createsession', action='store_const',
help='Create session for supplied username',
dest='do', const=do_create_session)
actions.add_argument('-v', '--validatecreds', action='store_const',
help='Create session for supplied username',
dest='do', const=do_validate_creds)
actions.add_argument('-m', '--mutatepassword', action='store_const',
help='Change password for supplied username to supplied password', # NOQA: E501
dest='do', const=do_change_password)
actions.add_argument('-w', '--withdrawuser', action='store_const',
help='Delete ("withdraw") the supplied username',
dest='do', const=do_delete_user)
actions.add_argument('-b', '--bcrypthash', action='store_const',
help='Generate bcrypt hash from supplied password',
dest='do', const=do_bcrypt_hash)
actions.add_argument('-l', '--listsessions', action='store_const',
help='List of all known sessions (some could be invalid)', # NOQA: E501
dest='do', const=do_list_sessions)
actions.add_argument('-q', '--queryuser', action='store_const',
help='Get information about supplied username if valid', # NOQA: E501
dest='do', const=do_query_username)
actions.add_argument('-d', '--dropsession', action='store_const',
help='Drop any existing valid session for supplied username', # NOQA: E501
dest='do', const=do_drop_session)

args = parser.parse_args(raw_args)
if (args.do):
args.do(args)
else:
print("Nothing to do. Tip: -h")
parser.print_help()


if __name__ == "__main__":
Expand Down
1 change: 0 additions & 1 deletion orbit/radius.ini
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
[uwsgi]
http = 0.0.0.0:9098
chdir = /orbit
wsgi-file = radius.py

disable-logging
Expand Down
Loading