From 942b073ae5b97b1957f02418a0db7b291f73e1c8 Mon Sep 17 00:00:00 2001 From: LTecher Offical Date: Sun, 16 Nov 2025 18:42:26 -0500 Subject: [PATCH] auth: Allow reading passwords from enviroment variable or file --- copyparty/authsrv.py | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/copyparty/authsrv.py b/copyparty/authsrv.py index b6ac299e..11782a63 100644 --- a/copyparty/authsrv.py +++ b/copyparty/authsrv.py @@ -1718,6 +1718,33 @@ class AuthSrv(object): flags[name] = vals self._e("volflag [{}] += {} ({})".format(name, vals, desc)) + def _parse_password(self, password: str) -> str: + """ + Parses a config file password into a real password + """ + SPECIAL_PASSWORD_CHARACTER = "@" + ESCAPE_CHARACTER = "\\" + + if password.startswith(ESCAPE_CHARACTER): + return password[1:] + + if not password.startswith(SPECIAL_PASSWORD_CHARACTER): + return password + + FILE_URL_TYPE = "file:" + ENV_URL_TYPE = "env:" + + password_url = password[1:] + if password_url.startswith(FILE_URL_TYPE): + with open(password_url[len(FILE_URL_TYPE):], "r") as password_file: + return password_file.read() + elif password_url.startswith(ENV_URL_TYPE): + return os.environ[password_url[len(ENV_URL_TYPE):]] + else: + self.log("Password URL did not begin with a valid URL type.") + raise Exception(BAD_CFG) + + def reload(self, verbosity: int = 9) -> None: """ construct a flat list of mountpoints and usernames @@ -2039,10 +2066,11 @@ class AuthSrv(object): zsl = [] for usr in list(acct)[:]: - zs = acct[usr].strip() if not zs: zs = ub64enc(os.urandom(48)).decode("ascii") zsl.append(usr) + else: + zs = self._parse_password(acct[usr].strip()) acct[usr] = zs if zsl: self.log("generated random passwords for users %r" % (zsl,), 6)