authentik/passbook/recovery/management/commands/create_recovery_key.py

"""passbook recovery createkey command"""
from datetime import timedelta
from getpass import getuser

from django.core.management.base import BaseCommand
from django.urls import reverse
from django.utils.timezone import now
from django.utils.translation import gettext as _
from structlog import get_logger

from passbook.core.models import Token, User
from passbook.lib.config import CONFIG

LOGGER = get_logger()


class Command(BaseCommand):
    """Create Token used to recover access"""

    help = _("Create a Key which can be used to restore access to passbook.")

    def add_arguments(self, parser):
        parser.add_argument(
            "duration",
            default=1,
            action="store",
            help="How long the token is valid for (in years).",
        )
        parser.add_argument(
            "user", action="store", help="Which user the Token gives access to."
        )

    def get_url(self, token: Token) -> str:
        """Get full recovery link"""
        path = reverse(
            "passbook_recovery:use-token", kwargs={"uuid": str(token.token_uuid)}
        )
        return f"https://{CONFIG.y('domain')}{path}"

    def handle(self, *args, **options):
        """Create Token used to recover access"""
        duration = int(options.get("duration", 1))
        delta = timedelta(days=duration * 365.2425)
        _now = now()
        expiry = _now + delta
        user = User.objects.get(username=options.get("user"))
        token = Token.objects.create(
            expires=expiry,
            user=user,
            description=f"Recovery Token generated by {getuser()} on {_now}",
        )
        self.stdout.write(
            (
                f"Store this link safely, as it will allow"
                f" anyone to access passbook as {user}."
            )
        )
        self.stdout.write(self.get_url(token))