Skip to content

Commit

Permalink
register_new_matrix_user: add password-file flag
Browse files Browse the repository at this point in the history
getpass in python exist on stdin to be a tty, hence we cannot just pipe
into register_new_matrix_user. --password-file instead works better and
it would also allow the use of stdin if /dev/stdin is passed.

Co-authored-by: Andrew Morgan <[email protected]>
Signed-off-by: Jörg Thalheim <[email protected]>
  • Loading branch information
Mic92 and anoadragon453 committed Jun 11, 2024
1 parent 863578b commit 28b238a
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 5 deletions.
2 changes: 2 additions & 0 deletions changelog.d/17294.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
`register_new_matrix_user` now supports a --password-file flag, which
is useful for scripting.
9 changes: 7 additions & 2 deletions debian/register_new_matrix_user.ronn
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,13 @@ A sample YAML file accepted by `register_new_matrix_user` is described below:
Local part of the new user. Will prompt if omitted.

* `-p`, `--password`:
New password for user. Will prompt if omitted. Supplying the password
on the command line is not recommended. Use the STDIN instead.
New password for user. Will prompt if this option and `--password-file` are omitted.
Supplying the password on the command line is not recommended.
Use `--password-file` if possible.

* `--password-file`:
File containing the new password for user. If set, overrides `--password`.
This is a more secure alternative to specifying the password on the command line.

* `-a`, `--admin`:
Register new user as an admin. Will prompt if omitted.
Expand Down
19 changes: 16 additions & 3 deletions synapse/_scripts/register_new_matrix_user.py
Original file line number Diff line number Diff line change
Expand Up @@ -173,11 +173,19 @@ def main() -> None:
default=None,
help="Local part of the new user. Will prompt if omitted.",
)
parser.add_argument(
password_group = parser.add_mutually_exclusive_group()
password_group.add_argument(
"-p",
"--password",
default=None,
help="New password for user. Will prompt if omitted.",
help="New password for user. Will prompt for a password if "
"this flag and `--password-file` are both omitted.",
)
password_group.add_argument(
"--password-file",
default=None,
help="File containing the new password for user. If set, will
override `--password`.",
)
parser.add_argument(
"-t",
Expand Down Expand Up @@ -247,6 +255,11 @@ def main() -> None:
print(_NO_SHARED_SECRET_OPTS_ERROR, file=sys.stderr)
sys.exit(1)

if args.password_file:
password = _read_file(args.password_file, "password-file").strip()
else:
password = args.password

if args.server_url:
server_url = args.server_url
elif config is not None:
Expand All @@ -270,7 +283,7 @@ def main() -> None:
admin = args.admin

register_new_user(
args.user, args.password, server_url, secret, admin, args.user_type
args.user, password, server_url, secret, admin, args.user_type
)


Expand Down

0 comments on commit 28b238a

Please sign in to comment.