My situation is that i have to bacup the config of some switches.
The authentication on switches is by password and user/password
I cannot seem to find an expect script that checks to login first with just password, and if it fails then to try user and password.
it should be something like:
telnet to host
if password ok then execupt backup command
else send user and password and execute backup command
#!/usr/bin/expect
spawn telnet 172.21.146.22
sleep 1
send "\x19"
sleep 1
expect
{
"Password:" {
send "pass\r"
interact
}
"Username:" {
send "admin\r"
sleep 1
expect "Password:"
send "pass\r"
interact
}
}
What you need here is exp_continue, that basically enables "looping" in an expect statement
#!/usr/bin/expect
spawn telnet 172.21.146.22
sleep 1
send "\x19"
sleep 1
expect { # <-- open braces *must* be on same line as command.
"Password:" {
send "pass\r"
exp_continue
}
"Username:" {
send "admin\r"
exp_continue
}
timeout {
error "timed out before successful login"
}
"some_string_you_see_when_you_have_logged_in_successfully"
}
send "your backup command\r"
If, when you login, you see the Password prompt first, you'll send that password but stay inside the expect command until some other pattern is seen. If that is "Username", then you'll send the username and then wait until the password prompt is seen. If the first password succeeded then you'll need to look for "some_string_you_see_when_you_have_logged_in_successfully"
Related
Using SotoSESV2 in a Vapor project: https://github.com/soto-project/soto.git
Following method return success, but email is clearly not delivered hours after the success, how is it possible?
return ses.sendEmail(sendEmailRequest).flatMapAlways { re in
print(re)
fflush(stdout)
switch re {
case .success:
print("Welcome message sent to: \(emailTo)")
Email is not in Junk either.
I do not see any bouncing in AWS dashboard or something.
enter image description here
I Am using AWS Cognito for authentication in a web application.
If a user Forgets their password I have a Lambda Function Trigger that sends a custom email with a link that has the users email address and the verification code in so they can click the link and just enter their new password.
So There is a new requirement that should allow the user to receive an sms, but currently it looks like if you enable MFA for sending the SMS, you can only customise the message in the console area and in the Lambda function,
this event.response.smsMessage does not seem to do anything.
So if the user has phone_number_verified true, it sends the sms without triggering the Lambda function.
exports.handler = function(event, context) {
if(event.triggerSource === "CustomMessage_ForgotPassword") {
var url = 'http://myurl.com/forgotpassword/'+ event.request.userAttributes.email+'/'+event.request.codeParameter
event.response.smsMessage = 'Password Reset: Click the link ' + url + ' or enter Verification Code: ' + event.request.codeParameter
event.response.emailSubject = " Password reset";
event.response.emailMessage = "Custom HTML goes here";
}
context.done(null, event);
};
This is currently the Lambda function configure on custom message trigger in the cognito User pool.
After a long discussion with AWS support, They came to the resolution that my SMS text was more than 140 chars. Yes 140, And then the SMS would not be sent rather the email would. No errors in logs or anything whatsoever.
So they said they will look into adding something in the logs that at least tells you that the SMS was not sent because the character limit was exceeded.
I'm convinced that Amazon goes out of its way to make understanding their platform as difficult as is possible.
I've read over the documentation regarding "cognitoUser.getAttributeVerificationCode" at Amazon only to have it make me even more confused!
Verify an Attribute
The following example verifies user attributes for an authenticated user.
cognitoUser.getAttributeVerificationCode('email', {
onSuccess: function (result) {
console.log('call result: ' + result);
},
onFailure: function(err) {
alert(err);
},
inputVerificationCode: function() {
var verificationCode = prompt('Please input verification code: ' ,'');
cognitoUser.verifyAttribute('email', verificationCode, this);
}
});
Can anyone help me understand what this is (cognitoUser.getAttributeVerificationCode) and/or how I would use it? I don't understand why I would verify an email attribute w/a verification code.
The verification code is sent to the users email. The user has to properly receive that email to retrieve the code and enter it in a UI so that the email is set to verified in Cognito. That user can then reset their password using that email.
What if the user had entered an incorrect email? Or their email system didn't allow them to receive the code sent by AWS?
By sending out a verification code, and having the user send it back, Cognito verifies that the email was entered correctly and belongs to that user. This can seem like a pain but is standard on many web platforms now days...The same process is needed with phone numbers for users in your Cognito user pool.
I need to restore or reset user password when his status is FORCE_CHANGE_PASSWORD. This situation happened when user try to restore password using "forgot password" feature and he lost email with temporary password. Now he can't do anything because he don't remember password and he can't reset password again
This code handle forgot password
return CognitoIdentitySP.forgotPassword(params, (err, resp) => {
if (err) { ... }
...
})
And I receive error (in case of FORCE_CHANGE_PASSWORD status)
NotAuthorizedException: User password cannot be reset in the current state.
Is there any way to reset password in such state?
You can use aws-cli to do it. Here is a sample command, replace POOL_ID and EMAIL_ADDRESS accordingly:
aws cognito-idp admin-create-user --user-pool-id <POOL_ID> --username <EMAIL_ADDRESS> --message-action RESEND --profile <AWS_PROFILE>
You can also use the admin-set-user-password command in this situation of the temporary password being lost or expired:
aws cognito-idp admin-set-user-password --user-pool-id <POOL_ID> --username <USERNAME> --password <PASSWORD> --no-permanent
This will set a new temporary password of whatever you set the password to be but importantly will force the user to set a new password as soon as they log in, so security is maintained.
You will need to communicate this to the user but we found this extremely useful when your company's security policies prevent you from being able to run the create user command.
You can call admin create user again with the MessageAction set to RESEND in which case Cognito will resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to "SUPPRESS" to suppress sending the message. Only one value can be specified.
When you create a user from the admin or with the admin sdk from the frontend you have to use the authentication flow "USER_PASSWORD_AUTH" previously you should have configured it in the app client:
https://docs.amplify.aws/lib/auth/switch-auth/q/platform/js/
How can I make the app delete the notifications as a user accepts them? For example the user sends a request to friends, the users are then notified of this before giving the option to accept or reject. On acceptance I need to enter some info into a database, which isn't the problem I'm having.
I'm using the code below, and the problem i'm finding is when the user has multiple requests from different people. It's either deleting all of the requests or none at all, ideally I need it to delete each request the user has accepted. Any ideas?
$request = $facebook->api("/me/apprequests");
foreach ($request as $data) {
echo "<form method='post'>";
foreach ($data as $full_request_id) {
echo "<input type='submit' name='yes' id='yes' value='Yes'>";
if ((isset($_POST['yes']))) {
try {
$delete_success = $facebook->api("/$full_request_id",'DELETE');
if ($delete_success) {
echo "Successfully deleted " . $full_request_id;}
else {
echo "Delete failed".$full_request_id;}
}
catch (FacebookApiException $e) {
echo $e;}
}
echo "</form>";
}
}
There's sample code on the page for the Requests dialog: https://developers.facebook.com/docs/reference/dialogs/requests/
I believe the recommended workflow is to delete all pending requests for that user (from Facebook's side); if you still need the user to manually accept them one by one after they click the first one, you can render your own interface for the remaining requests
This is what apps like Cityville do - when you click through from a Facebook requests they clear all your Facebook requests and render their own dialog for you to accept the remaining (now hidden from Facebook's onterface) gifts.