Accounts

pansat.download.accounts

The accounts sub-module handles login data for different data portals. The login data is stored in encrypted format in a configuration file identities.json in the user’s home directory tree.

Upon first usage the identities.json file is setup with a custom user password. This password is used to encrypt all data passwords that are subsequently added by the user. The Fernet method is used to en- and decrypt the passwords. All password hashing is performed using random salt.

exception pansat.download.accounts.MissingProviderError

Exception that is thrown when no login data can be found for a given data provider name.

__weakref__

list of weak references to the object (if defined)

exception pansat.download.accounts.WrongPasswordError

Exception that is thrown when an entered password in incorrect.

__weakref__

list of weak references to the object (if defined)

pansat.download.accounts.add_identity(provider, user_name)

Add identity to known identities.

Parameters:

  • provider (str) – Name of the data provider class for which the user name is valid.

  • user (str) –

    User name for the data provider. ! Note that for Copernicus,you have to use the url from your $HOME/.cdsapirc

pansat.download.accounts.authenticate()

Verify pansat password.

Reads pansat password from environment variable PANSAT_PASSWORD. If this is not available, queries user to input password from standard in. Verifies password using the hash stored in the identity list.

Raises:

WrongPasswordError if the provided password is incorrect.

pansat.download.accounts.decrypt(secret)

Decrypt password.

Parameters:

secret (str) – The encrypted password

Returns:

The decrypted password.

Raises:

cryptography.fernet.InvalidToken – Raised if the encrypted password is invalid.

pansat.download.accounts.delete_identity(provider)

Remove identity for provider.

Parameters:

provider (str) – Name of the data provider whose identity to delete.

pansat.download.accounts.encrypt(password)

Encript password.

Parameters:

password (str) – The password to encrypt.

Returns:

The encrypted password as bytes.

pansat.download.accounts.get_identities()

Access identity dictionary.

Returns:

Dictionary holding identities for all known providers.

pansat.download.accounts.get_identity(provider)

Retrieve identity for given provider.

Parameters:

provider (str) – Name of provider.

Returns:

Tuple (user_name, password) containing the user name and password

for the given domain.

Raises:

MissingProviderError – if no identity for the given domain could be found.

pansat.download.accounts.get_password(check=False)

Check if password is provided as PANSAT_PASSWORD environment variable. If this is not the case query user to input password.

Params:
check(bool): Whether user should insert the password twice

to avoid spelling errors.

Returns:

str containing the password

pansat.download.accounts.hash_password(password, salt)

Computes the hash of a password.

Parameters:

  • password (str) – The password

  • salt (bytes) – The salt to use to compute the hash.

Returns:

The base64 encoded hash of the password.

pansat.download.accounts.initialize_identity_file()

Initializes a new identity file.

If no existing identity file is found in the user directory, this function sets up a new one by generating a secret key using random salt and storing a hash of the key and the salt in the identity file.

The salt and the hashed key can then be used to verify the user during subsequent logins.

pansat.download.accounts.parse_identity_file()

If available, parses identity config file and adds entries to known identities.