5 files changed, 40 insertions, 3 deletions

diff --git a/src/leap/bitmask/bonafide/_protocol.py b/src/leap/bitmask/bonafide/_protocol.py
index 7917f383..01919c7d 100644
--- a/src/leap/bitmask/bonafide/_protocol.py
+++ b/src/leap/bitmask/bonafide/_protocol.py
@@ -147,6 +147,13 @@ class BonafideProtocol(object):
         d.addCallback(lambda _: '%s logged out' % full_id)
         return d
 
+    def do_list_users(self):
+        users = []
+        for user, session in self._sessions.items():
+            users.append({'userid': user,
+                          'authenticated': session.is_authenticated})
+        return users
+
     def do_change_password(self, full_id, current_password, new_password):
         log.msg('Change password for %s' % full_id)
         if (full_id not in self._sessions or
diff --git a/src/leap/bitmask/bonafide/service.py b/src/leap/bitmask/bonafide/service.py
index 1f0d6362..fbe6846e 100644
--- a/src/leap/bitmask/bonafide/service.py
+++ b/src/leap/bitmask/bonafide/service.py
@@ -106,6 +106,9 @@ class BonafideService(HookableService):
         d.addCallback(lambda response: {'logout': 'ok'})
         return d
 
+    def do_list_users(self):
+        return self._bonafide.do_list_users()
+
     def do_change_password(self, username, current_password, new_password):
         def notify_passphrase_change(_):
             data = dict(username=username, password=new_password)
diff --git a/src/leap/bitmask/cli/user.py b/src/leap/bitmask/cli/user.py
index 1c4757e1..8d3484cc 100644
--- a/src/leap/bitmask/cli/user.py
+++ b/src/leap/bitmask/cli/user.py
@@ -21,6 +21,8 @@ import argparse
 import getpass
 import sys
 
+from colorama import Fore
+
 from leap.bitmask.cli import command
 
 
@@ -35,6 +37,7 @@ SUBCOMMANDS:
    create     Registers new user, if possible
    auth       Logs in against the provider
    logout     Ends any active session with the provider
+   list       List users
    update     Update user password
    active     Shows the active user, if any
 
@@ -48,7 +51,7 @@ SUBCOMMANDS:
 
     def create(self, raw_args):
         username = self.username(raw_args)
-        passwd = self.getpass_twice()
+        passwd = self._getpass_twice()
         self.data += ['create', username, passwd, 'true']
         return self._send(printer=command.default_dict_printer)
 
@@ -63,10 +66,14 @@ SUBCOMMANDS:
         self.data += ['logout', username]
         return self._send(printer=command.default_dict_printer)
 
+    def list(self, raw_args):
+        self.data += ['list']
+        return self._send(printer=self._print_user_list)
+
     def update(self, raw_args):
         username = self.username(raw_args)
         current_passwd = getpass.getpass('Current password: ')
-        new_passwd = self.getpass_twice('New password: ')
+        new_passwd = self._getpass_twice('New password: ')
         self.data += ['update', username, current_passwd, new_passwd]
         return self._send(printer=command.default_dict_printer)
 
@@ -87,7 +94,7 @@ SUBCOMMANDS:
 
         return username
 
-    def getpass_twice(self, prompt='Password: '):
+    def _getpass_twice(self, prompt='Password: '):
         while True:
             passwd1 = getpass.getpass(prompt)
             passwd2 = getpass.getpass('Retype the password: ')
@@ -96,3 +103,10 @@ SUBCOMMANDS:
             else:
                 print "The passwords do not match, try again."
                 print ""
+
+    def _print_user_list(self, users):
+        for u in users:
+            color = ""
+            if u['authenticated']:
+                color = Fore.GREEN
+            print(color + u['userid'] + Fore.RESET)
diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index 72f98506..a2fd6387 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -119,6 +119,10 @@ class UserCmd(SubCommand):
         user = parts[2]
         return bonafide.do_logout(user)
 
+    @register_method("[{'userid': str, 'authenticated': bool}]")
+    def do_LIST(self, bonafide, *parts):
+        return bonafide.do_list_users()
+
     @register_method("{'update': 'ok'}")
     def do_UPDATE(self, bonafide, *parts):
         user, current_password, new_password = parts[2], parts[3], parts[4]
diff --git a/src/leap/bitmask/core/web/bitmask.js b/src/leap/bitmask/core/web/bitmask.js
index 554b4904..4a837a09 100644
--- a/src/leap/bitmask/core/web/bitmask.js
+++ b/src/leap/bitmask/core/web/bitmask.js
@@ -179,6 +179,15 @@ var bitmask = function(){
                 },
 
                 /**
+                 * List users
+                 *
+                 * @return {Promise<json>} [{'userid': str, 'authenticated': boolean}]
+                 */
+                list: function() {
+                    return call(['bonafide', 'user', 'list']);
+                },
+
+                /**
                  * Change password
                  *
                  * @param {string} uid The uid to log in