[+] cdb user managment script

[+] cdb auth domain

[+] cdb user managment script
[+] cdb auth domain
34d2046c · Dmitriy A. Gerasimov · cdad405c · 34d2046c · 34d2046c · 34d2046c
Commit 34d2046c authored 5 years ago by Dmitriy A. Gerasimov
--- a/dist/share/configs/cellframe-node.cfg.tpl
+++ b/dist/share/configs/cellframe-node.cfg.tpl
@@ -31,6 +31,7 @@ networks=[kelvin-testnet,private]
 [cdb_auth]
 enabled=false
 collection_name=mycollection
+domain=mydomain


 # VPN stream channel processing module

--- a/scripts/dap_domain_create
+++ b/scripts/dap_domain_create
+#!/bin/sh
+
+echo "Creating the new user for dapserver authorization"
+
+if [ $# -eq 1 ]; then
+	domain=$1
+else
+	read -p "Enter domain name: " domain
+	if [ -z "$domain" ]; then
+    		echo "[CRITICAL] Need domain name to create new record in the database"
+    		exit 1
+	fi
+
+fi
+
+mongodomain=`mongo dapDb --eval "db.dap_domains.distinct( \"_id\", { domain : \"$domain\" })"`
+mongodomain=`echo "$mongodomain" | tail -1 | tr -d "[] "`
+
+if [ -z $mongodomain ]; then
+    mongo dapDb --eval "db.dap_domains.insert( {domain:\"$domain\" } )"
+else
+    echo "[CRITICAL] Domain name $domain is already present"
+fi
+
--- a/scripts/dap_domain_list
+++ b/scripts/dap_domain_list
+#!/bin/sh
+
+mongo dapDb --eval "db.dap_domains.find()"
--- a/scripts/dap_user_change_password
+++ b/scripts/dap_user_change_password
+#!/bin/sh
+
+echo "Creating the new user for dapserver authorization"
+
+read -p "Enter login: " login
+if [ -z "$login" ]; then
+    echo "[CRITICAL] Need username to create new login record in the database"
+    exit 1
+fi
+
+result=$(mongo dapDb --eval "db.dap_users.find( { login : \"${login}\" } )" | wc -l)
+
+if [ $result -eq 2 ]; then 
+	echo "Login not found in DataBase"
+	exit 2
+fi
+
+read -p "Enter new password: " password
+if [ -z "$password" ]; then
+    echo "[CRITICAL] Need secure password to create new login record in the database"
+    exit 3
+fi
+
+salt=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8; echo '')
+
+echo -n "${password}${salt}" | openssl dgst -sha512 -binary > temp.txt
+echo -n "${salt}" | openssl dgst -sha512 -binary >> temp.txt
+b64=$(cat temp.txt | base64)
+b64urlstring=$(echo $b64 | tr "+/" "-_" | tr -d ' =')
+b64salt=$(echo -n ${salt} | base64 | tr "+/" "-_" | tr -d ' =')
+rm temp.txt
+
+mongo dapDb --eval "db.dap_users.update( { login : \"${login}\"}, { \$set: { passwordHash : \"${b64urlstring}\", salt : \"${b64salt}\"  } } )"
+
+
+
+
--- a/scripts/dap_user_create
+++ b/scripts/dap_user_create
+#!/bin/sh
+
+echo "Creating the new user for dapserver authorization"
+
+if [ $# -eq 1 ]; then
+	echo "Need two parametrs ( email and password )"
+	exit 5
+fi
+
+if [ $# -eq 2 ]; then
+
+	email=$1
+	password=$2
+
+	is_correct_email=$(echo $email | grep -E "^.+@.+[.].+$")
+	if [ -z $is_correct_email ]; then
+		echo Error! Bad email address. Use first parametr email, second - password
+		exit 4
+	fi
+else
+ 
+	read -p "Enter login: " login
+	if [ -z "$login" ]; then
+    		echo "[CRITICAL] Need username to create new login record in the database"
+    		exit 1
+	fi
+
+	read -p "Enter password: " password
+	if [ -z "$password" ]; then
+    		echo "[CRITICAL] Need secure password to create new login record in the database"
+    		exit 2
+	fi
+
+	read -p "Enter email: " email
+
+	if [ -n "$email" ]; then 
+		is_correct_email=$(echo $email | grep -E "^.+@.+[.].+$")
+		if [ -z $is_correct_email ]; then
+			echo Error! Bad email address.
+			exit 4
+		fi
+	fi
+
+	read -p "Enter first_name ( can skip ): " first_name	
+	read -p "Enter last_name ( can skip ): " last_name
+	
+fi
+
+domain=klvn.io
+
+mongodomain=`mongo dapDb --eval "db.dap_domains.distinct( \"_id\", { domain : \"$domain\" })" `
+mongodomain=`echo "$mongodomain" | tail -1 | tr -d "[] "`
+
+if [ -z $mongodomain ]; then
+	echo "domain not find in database"
+	exit 3
+else
+
+fi
+
+password_hash=$(/opt/cellframe-node/bin/dap_server_http_db_auth_tool password_hash ${password})
+echo "Password hash $password_hash"
+if [ -z "$login" ]; then
+	login=$email
+fi
+
+if [ -z "$email" ]; then
+    email=$login
+fi
+
+registration_date=$(date -u "+%Y-%m-%d %T")
+expired_date=$(date -u -d '+ 3 day' '+%Y-%m-%d %T')
+
+mongo dapDb --eval "db.dap_users.insert( { login : \"${login}\", email : \"${email}\", passwordHash : \"${password_hash}\",\
+domainId : ${mongodomain}, profile: { first_name : \"${first_name}\",\
+last_name : \"${last_name}\" }, registration_date : ISODate(\"${registration_date}\"), expire_date : ISODate(\"${expired_date}\"), contacts: [] } )"
+
--- a/scripts/dap_user_update
+++ b/scripts/dap_user_update
+#!/bin/sh
+
+echo "Update user for dapserver authorization"
+
+if [ $# -lt 3 ] || [ $# -gt 4 ]; then
+	echo "Need three or four parametrs ( login, first_name, last_name, password ( if want change) )."
+	exit 1
+fi
+
+if [ $# -eq 3 ]; then
+	mongo dapDb --eval "db.dap_users.update( { login : \"${1}\"}, { \$set: { \"profile.first_name\" : \"${2}\", \"profile.last_name\" : \"${3}\"  } } )"
+	exit 0
+fi
+
+password=${4}
+
+password_hash=$(/opt/cellframe-node/bin/dap_server_http_db_auth_tool password_hash ${password})
+echo "Password hash $password_hash"
+
+
+mongo dapDb --eval "db.dap_users.update( { login : \"${1}\"}, { \$set: { passwordHash : \"${password_hash}\", \"profile.first_name\" : \"${2}\", \"profile.last_name\" : \"${3}\"  } } )"
+
--- a/scripts/set_subscription_for_client
+++ b/scripts/set_subscription_for_client
+#!/bin/sh
+
+: 'Выдача подписки клиенту. Входные данные: логин и количество дней на которое
+выписывается/продляется подписка, ( отсчет идет от момента использования скрипта, если 
+подписка еще активная то продляется на N дней )'
+
+echo "Set user subscription"
+
+if [ $# -ne "2" ]; then
+	echo "Error! Need two parametrs login(email?) and count day's subscribtion"
+	exit 1
+fi
+
+result=$(mongo dapDb --eval "db.dap_users.find( { login : \"${1}\" } )" | wc -l)
+
+if [ $result -eq 2 ]; then 
+	echo "Login not found in DataBase"
+	exit 2
+fi
+
+iso_date_expire=$(mongo dapDb --eval "db.dap_users.find( { login: \"${1}\" }, { expire_date : 1, _id : 0 } )" )
+iso_date_expire=$(echo $iso_date_expire | grep -E -o "ISODate.+)" | grep -E -o "[0-9]+.+Z") 
+
+iso_date_expire_in_sec=$(date -d $iso_date_expire "+%s")
+now_date_in_sec=$(date "+%s")
+
+date_diff=`expr $iso_date_expire_in_sec - $now_date_in_sec`
+
+if [ $date_diff -lt 0 ]; then
+	result_date=$(date -u -d '+ '${2}' day' '+%Y-%m-%d %T')
+else
+	result_date=$(date -u -d "$iso_date_expire + ${2} day" "+%Y-%m-%d %T")	
+fi  
+
+mongo dapDb --eval "db.dap_users.update( { login : \"${1}\"}, { \$set: { expire_date : ISODate(\"${result_date}\") }} )"
+
+echo "Subscription update for client to: " $result_date
+