Remove authentication logs from dictproxy

They log the passwords and make it difficult to spot actual exceptions.

chatmaild/src/chatmaild/database.py

@@ -33,6 +33,13 @@ class Connection:
     def cursor(self):
         return self._sqlconn.cursor()
 
+    def create_user(self, addr: str, password: str):
+        """Create a row in the users table."""
+        self.execute("PRAGMA foreign_keys=on")
+        q = """INSERT INTO users (addr, password, last_login)
+               VALUES (?, ?, ?)"""
+        self.execute(q, (addr, password, int(time.time())))
+
     def get_user(self, addr: str) -> {}:
         """Get a row from the users table."""
         q = "SELECT addr, password, last_login from users WHERE addr = ?"

chatmaild/src/chatmaild/dictproxy.py

@@ -1,6 +1,5 @@
 import logging
 import os
-import time
 import sys
 import json
 import crypt
@@ -47,6 +46,17 @@ def is_allowed_to_create(user, cleartext_password) -> bool:
     return True
 
 
+def create_user(db, user, encrypted_password):
+    with db.write_transaction() as conn:
+        conn.create_user(user, encrypted_password)
+    return dict(
+        home=f"/home/vmail/{user}",
+        uid="vmail",
+        gid="vmail",
+        password=encrypted_password,
+    )
+
+
 def get_user_data(db, user):
     with db.read_connection() as conn:
         result = conn.get_user(user)
@@ -61,30 +71,14 @@ def lookup_userdb(db, user):
 
 
 def lookup_passdb(db, user, cleartext_password):
-    with db.write_transaction() as conn:
+    userdata = get_user_data(db, user)
-        userdata = conn.get_user(user)
+    if not userdata:
-        if userdata:
-            # Update last login time.
-            conn.execute(
-                "UPDATE users SET last_login=? WHERE addr=?", (int(time.time()), user)
-            )
-
-            userdata["uid"] = "vmail"
-            userdata["gid"] = "vmail"
-            return userdata
         if not is_allowed_to_create(user, cleartext_password):
             return
-
         encrypted_password = encrypt_password(cleartext_password)
-        q = """INSERT INTO users (addr, password, last_login)
+        userdata = create_user(db=db, user=user, encrypted_password=encrypted_password)
-               VALUES (?, ?, ?)"""
+    userdata["password"] = userdata["password"].strip()
-        conn.execute(q, (user, encrypted_password, int(time.time())))
+    return userdata
-        return dict(
-            home=f"/home/vmail/{user}",
-            uid="vmail",
-            gid="vmail",
-            password=encrypted_password,
-        )
 
 
 def handle_dovecot_request(msg, db, mail_domain):