| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167 |
- import datetime
- import random
- import string
- import click
- from flask import current_app
- from libs.password import password_pattern, valid_password, hash_password
- from libs.helper import email as email_validate
- from extensions.ext_database import db
- from libs.rsa import generate_key_pair
- from models.account import InvitationCode, Tenant
- from models.model import Account
- import secrets
- import base64
- from models.provider import Provider
- @click.command('reset-password', help='Reset the account password.')
- @click.option('--email', prompt=True, help='The email address of the account whose password you need to reset')
- @click.option('--new-password', prompt=True, help='the new password.')
- @click.option('--password-confirm', prompt=True, help='the new password confirm.')
- def reset_password(email, new_password, password_confirm):
- if str(new_password).strip() != str(password_confirm).strip():
- click.echo(click.style('sorry. The two passwords do not match.', fg='red'))
- return
- account = db.session.query(Account). \
- filter(Account.email == email). \
- one_or_none()
- if not account:
- click.echo(click.style('sorry. the account: [{}] not exist .'.format(email), fg='red'))
- return
- try:
- valid_password(new_password)
- except:
- click.echo(
- click.style('sorry. The passwords must match {} '.format(password_pattern), fg='red'))
- return
- # generate password salt
- salt = secrets.token_bytes(16)
- base64_salt = base64.b64encode(salt).decode()
- # encrypt password with salt
- password_hashed = hash_password(new_password, salt)
- base64_password_hashed = base64.b64encode(password_hashed).decode()
- account.password = base64_password_hashed
- account.password_salt = base64_salt
- db.session.commit()
- click.echo(click.style('Congratulations!, password has been reset.', fg='green'))
- @click.command('reset-email', help='Reset the account email.')
- @click.option('--email', prompt=True, help='The old email address of the account whose email you need to reset')
- @click.option('--new-email', prompt=True, help='the new email.')
- @click.option('--email-confirm', prompt=True, help='the new email confirm.')
- def reset_email(email, new_email, email_confirm):
- if str(new_email).strip() != str(email_confirm).strip():
- click.echo(click.style('Sorry, new email and confirm email do not match.', fg='red'))
- return
- account = db.session.query(Account). \
- filter(Account.email == email). \
- one_or_none()
- if not account:
- click.echo(click.style('sorry. the account: [{}] not exist .'.format(email), fg='red'))
- return
- try:
- email_validate(new_email)
- except:
- click.echo(
- click.style('sorry. {} is not a valid email. '.format(email), fg='red'))
- return
- account.email = new_email
- db.session.commit()
- click.echo(click.style('Congratulations!, email has been reset.', fg='green'))
- @click.command('reset-encrypt-key-pair', help='Reset the asymmetric key pair of workspace for encrypt LLM credentials. '
- 'After the reset, all LLM credentials will become invalid, '
- 'requiring re-entry.'
- 'Only support SELF_HOSTED mode.')
- @click.confirmation_option(prompt=click.style('Are you sure you want to reset encrypt key pair?'
- ' this operation cannot be rolled back!', fg='red'))
- def reset_encrypt_key_pair():
- if current_app.config['EDITION'] != 'SELF_HOSTED':
- click.echo(click.style('Sorry, only support SELF_HOSTED mode.', fg='red'))
- return
- tenant = db.session.query(Tenant).first()
- if not tenant:
- click.echo(click.style('Sorry, no workspace found. Please enter /install to initialize.', fg='red'))
- return
- tenant.encrypt_public_key = generate_key_pair(tenant.id)
- db.session.query(Provider).filter(Provider.provider_type == 'custom').delete()
- db.session.commit()
- click.echo(click.style('Congratulations! '
- 'the asymmetric key pair of workspace {} has been reset.'.format(tenant.id), fg='green'))
- @click.command('generate-invitation-codes', help='Generate invitation codes.')
- @click.option('--batch', help='The batch of invitation codes.')
- @click.option('--count', prompt=True, help='Invitation codes count.')
- def generate_invitation_codes(batch, count):
- if not batch:
- now = datetime.datetime.now()
- batch = now.strftime('%Y%m%d%H%M%S')
- if not count or int(count) <= 0:
- click.echo(click.style('sorry. the count must be greater than 0.', fg='red'))
- return
- count = int(count)
- click.echo('Start generate {} invitation codes for batch {}.'.format(count, batch))
- codes = ''
- for i in range(count):
- code = generate_invitation_code()
- invitation_code = InvitationCode(
- code=code,
- batch=batch
- )
- db.session.add(invitation_code)
- click.echo(code)
- codes += code + "\n"
- db.session.commit()
- filename = 'storage/invitation-codes-{}.txt'.format(batch)
- with open(filename, 'w') as f:
- f.write(codes)
- click.echo(click.style(
- 'Congratulations! Generated {} invitation codes for batch {} and saved to the file \'{}\''.format(count, batch,
- filename),
- fg='green'))
- def generate_invitation_code():
- code = generate_upper_string()
- while db.session.query(InvitationCode).filter(InvitationCode.code == code).count() > 0:
- code = generate_upper_string()
- return code
- def generate_upper_string():
- letters_digits = string.ascii_uppercase + string.digits
- result = ""
- for i in range(8):
- result += random.choice(letters_digits)
- return result
- def register_commands(app):
- app.cli.add_command(reset_password)
- app.cli.add_command(reset_email)
- app.cli.add_command(generate_invitation_codes)
- app.cli.add_command(reset_encrypt_key_pair)
|
