bots.password_resetter

Robot to be run periodically from cron and handle RT user password reset tickets that come from the website. This semi-automates the steps of changing the password to a temporary generated password in LDAP and emailing the user about the change.

User intervention is required to confirm that the ticket is valid before going ahead with the reset.

Tickets are identified as password reset requests if the first comment contains at least one noun and at least one verb from the lists in this module, or if a further comment includes the special token “account bot reset password”. Administrators can mark unidentified tickets by adding that text in a comment.

class accre.bots.password_resetter.PWRequest(ticket, vunetid, email, priority)

Bases: tuple

email

Alias for field number 2

priority

Alias for field number 3

ticket

Alias for field number 0

vunetid

Alias for field number 1

accre.bots.password_resetter.PW_RESET_NOUNS = {'credentials', 'creds', 'login', 'passphrase', 'passwd', 'password'}

Password reset nouns for ticket identification

accre.bots.password_resetter.PW_RESET_VERBS = {'change', 'expire', 'expired', 'forgot', 'forgotten', 'lost', 'reset'}

Password reset verbs for ticket identification

class accre.bots.password_resetter.PasswordResetter

Bases: object

Object to handle password resets by calling the run method.

run()

Run the password resetter on all identified requests.

accre.bots.password_resetter.run_password_resetter()

CLI endpoint to run the password resetter, searching through all RT tickets and performing appropriate steps for handling the request.