autogen pw for blank-pw users (closes #596);

if a user is defined with a blank password, generate a strong password for that user
2025-08-16 08:32:13 -06:00 · 2025-08-14 19:22:04 +00:00 · 2025-08-14 19:22:04 +00:00 · 7f44875061
parent 68907eaf48
commit 7f44875061
1 changed files with 10 additions and 0 deletions
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@ -1885,6 +1885,16 @@ class AuthSrv(object):
        if LEELOO_DALLAS in all_users:
            raise Exception("sorry, reserved username: " + LEELOO_DALLAS)

+        zsl = []
+        for usr in list(acct)[:]:
+            zs = acct[usr].strip()
+            if not zs:
+                zs = ub64enc(os.urandom(48)).decode("ascii")
+                zsl.append(usr)
+            acct[usr] = zs
+        if zsl:
+            self.log("generated random passwords for users %r" % (zsl,), 6)
+
        seenpwds = {}
        for usr, pwd in acct.items():
            if pwd in seenpwds: