Skip to content

Commit

Permalink
register_new_matrix_user: add password-file flag
Browse files Browse the repository at this point in the history
getpass in python expects stdin to be a tty, hence we cannot just pipe
into register_new_matrix_user. --password-file instead works better and
it would also allow the use of stdin if /dev/stdin is passed.

Co-authored-by: Andrew Morgan <[email protected]>
Signed-off-by: Jörg Thalheim <[email protected]>
  • Loading branch information
Mic92 and anoadragon453 committed Jun 14, 2024
1 parent 2c36a67 commit 2667907
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 7 deletions.
2 changes: 2 additions & 0 deletions changelog.d/17294.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
`register_new_matrix_user` now supports a --password-file flag, which
is useful for scripting.
9 changes: 7 additions & 2 deletions debian/register_new_matrix_user.ronn
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,13 @@ A sample YAML file accepted by `register_new_matrix_user` is described below:
Local part of the new user. Will prompt if omitted.

* `-p`, `--password`:
New password for user. Will prompt if omitted. Supplying the password
on the command line is not recommended. Use the STDIN instead.
New password for user. Will prompt if this option and `--password-file` are omitted.
Supplying the password on the command line is not recommended.
Use `--password-file` if possible.

* `--password-file`:
File containing the new password for user. If set, overrides `--password`.
This is a more secure alternative to specifying the password on the command line.

* `-a`, `--admin`:
Register new user as an admin. Will prompt if omitted.
Expand Down
20 changes: 15 additions & 5 deletions synapse/_scripts/register_new_matrix_user.py
Original file line number Diff line number Diff line change
Expand Up @@ -173,11 +173,18 @@ def main() -> None:
default=None,
help="Local part of the new user. Will prompt if omitted.",
)
parser.add_argument(
password_group = parser.add_mutually_exclusive_group()
password_group.add_argument(
"-p",
"--password",
default=None,
help="New password for user. Will prompt if omitted.",
help="New password for user. Will prompt for a password if "
"this flag and `--password-file` are both omitted.",
)
password_group.add_argument(
"--password-file",
default=None,
help="File containing the new password for user. If set, will override `--password`.",
)
parser.add_argument(
"-t",
Expand Down Expand Up @@ -247,6 +254,11 @@ def main() -> None:
print(_NO_SHARED_SECRET_OPTS_ERROR, file=sys.stderr)
sys.exit(1)

if args.password_file:
password = _read_file(args.password_file, "password-file").strip()
else:
password = args.password

if args.server_url:
server_url = args.server_url
elif config is not None:
Expand All @@ -269,9 +281,7 @@ def main() -> None:
if args.admin or args.no_admin:
admin = args.admin

register_new_user(
args.user, args.password, server_url, secret, admin, args.user_type
)
register_new_user(args.user, password, server_url, secret, admin, args.user_type)


def _read_file(file_path: Any, config_path: str) -> str:
Expand Down

0 comments on commit 2667907

Please sign in to comment.