add option to set user-password for service when updating its hash

src/ahriman/application/ahriman.py

@@ -154,6 +154,7 @@ def _set_create_user_parser(root: SubParserAction) -> argparse.ArgumentParser:
         description="create user for web services with password and role. In case if password was not entered it will be asked interactively",
         formatter_class=argparse.ArgumentDefaultsHelpFormatter)
     parser.add_argument("username", help="username for web service")
+    parser.add_argument("--as-service", help="add user as service user", action="store_true")
     parser.add_argument("-r", "--role", help="user role", type=UserAccess, choices=UserAccess, default=UserAccess.Read)
     parser.add_argument("-p", "--password", help="user password")
     parser.set_defaults(

src/ahriman/application/handlers/create_user.py

@@ -42,21 +42,26 @@ class CreateUser(Handler):
         :param configuration: configuration instance
         """
         salt = CreateUser.get_salt(configuration)
-        user = CreateUser.create_user(args, salt)
+        user = CreateUser.create_user(args)
         auth_configuration = CreateUser.get_auth_configuration(configuration.include)
-        CreateUser.create_configuration(auth_configuration, user, salt)
+        CreateUser.create_configuration(auth_configuration, user, salt, args.as_service)
 
     @staticmethod
-    def create_configuration(configuration: Configuration, user: User, salt: str) -> None:
+    def create_configuration(configuration: Configuration, user: User, salt: str, as_service_user: bool) -> None:
         """
         put new user to configuration
         :param configuration: configuration instance
         :param user: user descriptor
         :param salt: password hash salt
+        :param as_service_user: add user as service user, also set password and user to configuration
         """
         section = Configuration.section_name("auth", user.access.value)
         configuration.set_option("auth", "salt", salt)
-        configuration.set_option(section, user.username, user.password)
+        configuration.set_option(section, user.username, user.hash_password(salt))
+
+        if as_service_user:
+            configuration.set_option("web", "username", user.username)
+            configuration.set_option("web", "password", user.password)
 
         if configuration.path is None:
             return
@@ -64,17 +69,15 @@ class CreateUser(Handler):
             configuration.write(ahriman_configuration)
 
     @staticmethod
-    def create_user(args: argparse.Namespace, salt: str) -> User:
+    def create_user(args: argparse.Namespace) -> User:
         """
         create user descriptor from arguments
         :param args: command line args
-        :param salt: password hash salt
         :return: built user descriptor
         """
         user = User(args.username, args.password, args.role)
         if user.password is None:
             user.password = getpass.getpass()
-        user.password = user.hash_password(user.password, salt)
         return user
 
     @staticmethod

src/ahriman/models/user.py

@@ -73,14 +73,13 @@ class User:
         verified: bool = self._HASHER.verify(password + salt, self.password)
         return verified
 
-    def hash_password(self, password: str, salt: str) -> str:
+    def hash_password(self, salt: str) -> str:
         """
         generate hashed password from plain text
-        :param password: entered password
         :param salt: salt for hashed password
         :return: hashed string to store in configuration
         """
-        password_hash: str = self._HASHER.hash(password + salt)
+        password_hash: str = self._HASHER.hash(self.password + salt)
         return password_hash
 
     def verify_access(self, required: UserAccess) -> bool: