Upgrade deps to get it running on python 3.13

README.md

@@ -26,7 +26,7 @@ make sure that you have the correct versions.
 Creating the database:
 
     # cd docker/p2k16
-    # docker-compose up -d
+    # docker compose up -d
     # cd -
     # psql -U postgres -f database-setup.sql
 

docker/p2k16/docker-compose.yml

@@ -1,4 +1,3 @@
-version: "3"
 services:
   pdb:
     image: postgres:12

requirements.txt

@@ -7,62 +7,62 @@
 
 attrs==20.2.0
 bcrypt==3.1.7
-blinker==1.4
+blinker==1.8.2
 cachetools==4.1.1
 certifi==2020.6.20
 cffi==1.14.5
 chardet==3.0.4
 charset-normalizer==2.0.3
-click==7.1.2
+click==8.1.7
 cssselect==1.1.0
 cssutils==1.0.2
 cycler==0.10.0
 emails==0.6
-Flask==1.1.2
-Flask-Bcrypt==0.7.1
-Flask-Bower==1.3.0
+Flask==3.0.3
+Flask-Bcrypt==1.0.1
+Flask-Bower==2.0.0
 Flask-Env==2.0.0
-Flask-Inputs==0.3.0
-Flask-Login==0.5.0
-Flask-SQLAlchemy==2.4.4
-Flask-Testing==0.8.0
-future==0.18.2
+Flask-Inputs==1.0.0
+Flask-Login==0.6.3
+Flask-SQLAlchemy==3.1.1
+Flask-Testing==0.8.1
+future==1.0.0
 gunicorn==20.0.4
 idna==2.10
 iniconfig==1.1.1
-itsdangerous==1.1.0
-Jinja2==2.11.3
+itsdangerous==2.2.0
+Jinja2==3.1.4
 jsonschema==3.2.0
-kiwisolver==1.3.2
+kiwisolver==1.4.7
 ldif3==3.2.2
-lxml==4.9.1
-MarkupSafe==1.1.1
-matplotlib==3.4.3
+lxml==5.3.0
+MarkupSafe==3.0.1
+matplotlib==3.9.2
 nose==1.3.7
-numpy==1.23.1
+numpy==2.1.2
 packaging==21.0
 paho-mqtt==1.5.1
-pandas==1.3.5
-Pillow==9.0.1
+pandas==2.2.3
+Pillow==11.0.0
 pluggy==1.0.0
 premailer==3.7.0
-psycopg2-binary==2.9.5
+psycopg2-binary==2.9.10
 py==1.10.0
 pycparser==2.20
 pyparsing==2.4.7
 pyrsistent==0.17.3
 pytest==6.2.5
-python-dateutil==2.8.1
+python-dateutil==2.8.2
 pytz==2021.1
-PyYAML==5.4
+PyYAML==6.0.2
 requests==2.26.0
-six==1.15.0
-SQLAlchemy==1.3.20
-SQLAlchemy-Continuum==1.3.11
-SQLAlchemy-Utils==0.36.8
+six==1.16.0
+SQLAlchemy==2.0.36
+SQLAlchemy-Continuum==1.4.2
+SQLAlchemy-Utils==0.41.2
 stripe==5.5.0
 toml==0.10.2
 typing==3.7.4.3
 urllib3==1.26.6
-Werkzeug==1.0.1
-WTForms==2.3.3
+Werkzeug==3.0.4
+WTForms==3.1.2

web/src/cgi.py

@@ -0,0 +1,9 @@
+
+from email.message import Message
+
+def parse_header(header):
+    msg = Message()
+    msg.add_header('content-type', header)
+    r = msg.get_param('charset')
+    if r:
+        return r

web/src/crypt.py

@@ -0,0 +1,117 @@
+# SHAcrypt using SHA-512, after https://akkadia.org/drepper/SHA-crypt.txt.
+#
+# Copyright © 2024 Tony Garnock-Jones.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+import hashlib
+import secrets
+
+alphabet = \
+    [ord(c) for c in './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz']
+permutation = [
+    [0, 21, 42], [22, 43, 1], [44, 2, 23], [3, 24, 45],
+    [25, 46, 4], [47, 5, 26], [6, 27, 48], [28, 49, 7],
+    [50, 8, 29], [9, 30, 51], [31, 52, 10], [53, 11, 32],
+    [12, 33, 54], [34, 55, 13], [56, 14, 35], [15, 36, 57],
+    [37, 58, 16], [59, 17, 38], [18, 39, 60], [40, 61, 19],
+    [62, 20, 41], [-1, -1, 63],
+]
+def encode(bs64):
+    result = bytearray(4 * len(permutation))
+    i = 0
+    for group in permutation:
+        g = lambda j: bs64[j] if j != -1 else 0
+        bits = g(group[0]) << 16 | g(group[1]) << 8 | g(group[2])
+        result[i] = alphabet[bits & 63]
+        result[i+1] = alphabet[(bits >> 6) & 63]
+        result[i+2] = alphabet[(bits >> 12) & 63]
+        result[i+3] = alphabet[(bits >> 18) & 63]
+        i = i + 4
+    return bytes(result).decode('ascii')[:-2]
+
+def repeats_of(n, bs): return bs * int(n / len(bs)) + bs[:n % len(bs)]
+def digest(bs): return hashlib.sha512(bs).digest()
+
+def crypt(password, salt = None, rounds = 5000):
+    if salt is None: salt = encode(secrets.token_bytes(64))[:16].encode('ascii')
+    salt = salt[:16]
+
+    B = digest(password + salt + password)
+    Ainput = password + salt + repeats_of(len(password), B)
+    v = len(password)
+    while v > 0:
+        Ainput = Ainput + (B if v & 1 else password)
+        v = v >> 1
+    A = digest(Ainput)
+
+    DP = digest(password * len(password))
+    P = repeats_of(len(password), DP)
+    DS = digest(salt * (16+A[0]))
+    S = repeats_of(len(salt), DS)
+
+    C = A
+    for round in range(rounds):
+        Cinput = b''
+        Cinput = Cinput + (P if round & 1 else C)
+        if round % 3: Cinput = Cinput + S
+        if round % 7: Cinput = Cinput + P
+        Cinput = Cinput + (C if round & 1 else P)
+        C = digest(Cinput)
+
+    if rounds == 5000:
+        return '$6$' + salt.decode('ascii') + '$' + encode(C)
+    else:
+        return '$6$rounds=' + str(rounds) + '$' + salt.decode('ascii') + '$' + encode(C)
+
+#---------------------------------------------------------------------------
+
+def extract_salt_and_rounds(i): # i must be '$6$...'
+    pieces = i.split('$')
+    if pieces[1] != '6': raise TypeError('shacrypt512 only supports $6$ hashes')
+    if pieces[2].startswith('rounds='):
+        rounds = int(pieces[2][7:])
+        if rounds < 1000: rounds = 1000
+        if rounds > 999999999: rounds = 999999999
+        return (pieces[3].encode('ascii'), rounds)
+    else:
+        return (pieces[2].encode('ascii'), 5000)
+
+def password_ok(input_password, existing_crypted_password):
+    (salt, rounds) = extract_salt_and_rounds(existing_crypted_password)
+    return existing_crypted_password == shacrypt(input_password, salt, rounds)
+
+if __name__ == '__main__':
+    _test_password = 'Hello world!'.encode('ascii')
+    _test_salt = 'saltstring'.encode('ascii')
+    _test_rounds = 5000
+    _test_crypted_password = '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1'
+    assert shacrypt(_test_password, _test_salt, _test_rounds) == _test_crypted_password
+    assert password_ok(_test_password, _test_crypted_password)
+
+    _test_password = 'Hello world!'.encode('ascii')
+    _test_salt = 'saltstringsaltstring'.encode('ascii')
+    _test_rounds = 10000
+    _test_crypted_password = '$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.'
+    assert shacrypt(_test_password, _test_salt, _test_rounds) == _test_crypted_password
+    assert password_ok(_test_password, _test_crypted_password)
+
+    import sys
+    salt = None if len(sys.argv) < 2 else sys.argv[1].encode('ascii')
+    print(shacrypt(sys.stdin.readline().strip().encode('utf-8'), salt))

web/src/p2k16/core/models.py

@@ -12,7 +12,7 @@
 from sqlalchemy import Column, DateTime, Integer, String, ForeignKey, Numeric, Boolean, Sequence, event, func
 from sqlalchemy.ext.declarative import declared_attr
 from sqlalchemy.ext.hybrid import hybrid_property
-from sqlalchemy.orm import relationship
+from sqlalchemy.orm import relationship, Mapped, mapped_column
 
 logger = logging.getLogger(__name__)
 
@@ -471,7 +471,7 @@ class Company(DefaultMixin, db.Model):
     contact_id = Column("contact", Integer, ForeignKey('account.id'), nullable=False)
     contact = relationship("Account", foreign_keys=[contact_id])
 
-    employees = relationship("CompanyEmployee")  # type: Iterable[CompanyEmployee]
+    employees: Mapped[List["CompanyEmployee"]] = relationship(back_populates="company")
 
     def __init__(self, name, contact: Account, active: bool):
         super().__init__()
@@ -511,10 +511,10 @@ class CompanyEmployee(DefaultMixin, db.Model):
     __tablename__ = 'company_employee'
     __versioned__ = {}
 
-    company_id = Column("company", Integer, ForeignKey('company.id'), nullable=False)
-    company = relationship("Company", foreign_keys=[company_id])
-    account_id = Column("account", Integer, ForeignKey('account.id'), nullable=False)
-    account = relationship("Account", foreign_keys=[account_id])
+    company_id: Mapped[int] = mapped_column(ForeignKey("company.id"), name="company", primary_key=True)
+    company: Mapped["Company"] = relationship(back_populates="employees")
+    account_id: Mapped[int] = mapped_column(primary_key=True, name="account")
+    # account: Mapped["Account"] = relationship(back_populates="employees")
 
     def __init__(self, company: Company, account: Account):
         super().__init__()

web/src/p2k16/core/tool.py

@@ -14,6 +14,23 @@ class DummyClient(object):
     pass
 
 
+def tool_event_to_json(event: Event):
+    if type(event) is ToolCheckoutEvent:
+        return {**model_to_json(event), **{
+            "domain": event.domain,
+            "name": event.name,
+            "int1": event.int1,
+            "created_at": event.created_at
+        }}
+    elif type(event) is ToolCheckinEvent:
+        return {**model_to_json(event), **{
+            "domain": event.domain,
+            "name": event.name,
+            "int1": event.int1,
+            "created_at": event.created_at
+        }}
+
+
 @event_management.converter_for("tool", "checkout")
 class ToolCheckoutEvent(object):
     def __init__(self, tool_name: str, created_at: Optional[datetime] = None, created_by: Optional[Account] = None):
@@ -31,7 +48,7 @@ def from_event(event: Event) -> "ToolCheckoutEvent":
     def to_dict(self):
         return {**event_management.base_dict(self), **{
             "created_at": self.created_at,
-            "created_by": self.created_by,
+            "created_by": self.created_by.id,
             "created_by_username": self.created_by.username,
             "tool_name": self.tool_name
         }}
@@ -54,7 +71,7 @@ def from_event(event: Event) -> "ToolCheckinEvent":
     def to_dict(self):
         return {**event_management.base_dict(self), **{
             "created_at": self.created_at,
-            "created_by": self.created_by,
+            "created_by": self.created_by.id,
             "created_by_username": self.created_by.username,
             "tool_name": self.tool_name
         }}

web/src/p2k16/web/server.py

@@ -6,7 +6,7 @@
 import flask_bower
 import flask_login
 import werkzeug.exceptions
-from flask.json import JSONEncoder
+from json import JSONEncoder
 from p2k16.core import P2k16UserException, P2k16TechnicalException, membership_management
 from p2k16.core import make_app, auth, door, mail, tool, label
 from p2k16.core.log import P2k16LoggingFilter

web/src/p2k16/web/tool_blueprint.py

@@ -62,7 +62,7 @@ def tool_to_json(tool: ToolDescription):
         checkout_model = {
             "active": True,
             "started": checkout.started,
-            "account": checkout.account,
+            "account": checkout.account.id,
             "username": checkout.account.username,
         }
     else:
@@ -72,7 +72,7 @@ def tool_to_json(tool: ToolDescription):
 
 
     return {**model_to_json(tool), **{
-        "name": tool.name, 
+        "name": tool.name,
         "description": tool.description,
         "circle": tool.circle.name,
         "checkout": checkout_model,