ahuston-0/hydra
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

hydra-create-user: support prompting for passwords

Browse Source 
I'm not sure this is a good implementation as-is. It does work,
but the password gets echo'd to the screen. I tried to use IO::Prompt
but IO::Prompt really seems to want to read the password from ARGV.
This commit is contained in:
Graham Christensen
2022-01-21 10:37:20 -05:00
parent 3a6c25489c
commit bb893d0bd5
2 changed files with 56 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
t/scripts/hydra-create-user.t
View File

@ -46,15 +46,37 @@ subtest "Handling password and password hash creation" => sub {
is($storedPassword, $user->password, "The password was not upgraded.");
};
subtest "Creating a user by prompting for the password" => sub {
subtest "with the same password twice" => sub {
my ($res, $stdout, $stderr) = captureStdoutStderrWithStdin(5, ["hydra-create-user", "prompted-pass-user", "--password-prompt"], "my-password\nmy-password\n");
is($res, 0, "hydra-create-user should exit zero");
my $user = $db->resultset('Users')->find({ username => "prompted-pass-user" });
isnt($user, undef, "The user exists");
like($user->password, qr/^\$argon2id\$v=/, "The password was saved, hashed with argon2id.");
my $storedPassword = $user->password;
ok($user->check_password("my-password"), "Their password validates");
};
subtest "With mismatched password confirmation" => sub {
my ($res, $stdout, $stderr) = captureStdoutStderrWithStdin(5, ["hydra-create-user", "prompted-pass-user", "--password-prompt"], "my-password\nnot-my-password\n");
isnt($res, 0, "hydra-create-user should exit non-zero");
};
};
subtest "Specifying conflicting password options fails" => sub {
my @cases = (
[ "--password=foo", "--password-hash=8843d7f92416211de9ebb963ff4ce28125932878", "--password-prompt" ],
[ "--password=foo", "--password-prompt" ],
[ "--password=foo", "--password-hash=8843d7f92416211de9ebb963ff4ce28125932878" ],
[ "--password-hash=8843d7f92416211de9ebb963ff4ce28125932878", "--password-prompt" ],
);
for my $case (@cases) {
my ($res, $stdout, $stderr) = captureStdoutStderr(5, (
"hydra-create-user", "bogus-password-options", @{$case}));
like($stderr, qr/please specify only one --password\* option/, "We get an error about specifying the password");
like($stderr, qr/please specify one of --password-prompt or --password-hash/, "We get an error about specifying the password");
isnt($res, 0, "hydra-create-user should exit non-zero with conflicting " . join(" ", @{$case}));
}
};