feat(api): first user is admin
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
c4602c8c3b
commit
6c6a6dd329
77
api/auth.go
77
api/auth.go
@ -205,7 +205,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate Auth Hash
|
// Generate auth hash
|
||||||
rawAuthHash, err := utils.GenerateToken(64)
|
rawAuthHash, err := utils.GenerateToken(64)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to generate user token: ", err)
|
log.Error("Failed to generate user token: ", err)
|
||||||
@ -214,31 +214,41 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create User in DB
|
// Get current users
|
||||||
authHash := fmt.Sprintf("%x", rawAuthHash)
|
currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
|
||||||
rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
|
||||||
ID: username,
|
|
||||||
Pass: &hashedPassword,
|
|
||||||
AuthHash: &authHash,
|
|
||||||
})
|
|
||||||
|
|
||||||
// SQL Error
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("CreateUser DB Error:", err)
|
log.Error("Failed to check all users: ", err)
|
||||||
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
templateVars["Error"] = "Failed to Create User"
|
||||||
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// User Already Exists
|
// Determine if we should be admin
|
||||||
if rows == 0 {
|
isAdmin := false
|
||||||
|
if len(currentUsers) == 0 {
|
||||||
|
isAdmin = true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create user in DB
|
||||||
|
authHash := fmt.Sprintf("%x", rawAuthHash)
|
||||||
|
if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
||||||
|
ID: username,
|
||||||
|
Pass: &hashedPassword,
|
||||||
|
AuthHash: &authHash,
|
||||||
|
Admin: isAdmin,
|
||||||
|
}); err != nil {
|
||||||
|
log.Error("CreateUser DB Error:", err)
|
||||||
|
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
||||||
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
|
return
|
||||||
|
} else if rows == 0 {
|
||||||
log.Warn("User Already Exists:", username)
|
log.Warn("User Already Exists:", username)
|
||||||
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
templateVars["Error"] = "Registration Disabled or User Already Exists"
|
||||||
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
c.HTML(http.StatusBadRequest, "page/login", templateVars)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get User
|
// Get user
|
||||||
user, err := api.db.Queries.GetUser(api.db.Ctx, username)
|
user, err := api.db.Queries.GetUser(api.db.Ctx, username)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("GetUser DB Error:", err)
|
log.Error("GetUser DB Error:", err)
|
||||||
@ -247,7 +257,7 @@ func (api *API) appAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set Session
|
// Set session
|
||||||
auth := authData{
|
auth := authData{
|
||||||
UserName: user.ID,
|
UserName: user.ID,
|
||||||
IsAdmin: user.Admin,
|
IsAdmin: user.Admin,
|
||||||
@ -289,6 +299,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Generate password hash
|
||||||
hashedPassword, err := argon2.CreateHash(rUser.Password, argon2.DefaultParams)
|
hashedPassword, err := argon2.CreateHash(rUser.Password, argon2.DefaultParams)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Argon2 Hash Failure:", err)
|
log.Error("Argon2 Hash Failure:", err)
|
||||||
@ -296,7 +307,7 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate Auth Hash
|
// Generate auth hash
|
||||||
rawAuthHash, err := utils.GenerateToken(64)
|
rawAuthHash, err := utils.GenerateToken(64)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to generate user token: ", err)
|
log.Error("Failed to generate user token: ", err)
|
||||||
@ -304,20 +315,32 @@ func (api *API) koAuthRegister(c *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
authHash := fmt.Sprintf("%x", rawAuthHash)
|
// Get current users
|
||||||
rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
currentUsers, err := api.db.Queries.GetUsers(api.db.Ctx)
|
||||||
ID: rUser.Username,
|
|
||||||
Pass: &hashedPassword,
|
|
||||||
AuthHash: &authHash,
|
|
||||||
})
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("CreateUser DB Error:", err)
|
log.Error("Failed to check all users: ", err)
|
||||||
apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
|
apiErrorPage(c, http.StatusBadRequest, "Failed to Create User")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// User Exists
|
// Determine if we should be admin
|
||||||
if rows == 0 {
|
isAdmin := false
|
||||||
|
if len(currentUsers) == 0 {
|
||||||
|
isAdmin = true
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create user
|
||||||
|
authHash := fmt.Sprintf("%x", rawAuthHash)
|
||||||
|
if rows, err := api.db.Queries.CreateUser(api.db.Ctx, database.CreateUserParams{
|
||||||
|
ID: rUser.Username,
|
||||||
|
Pass: &hashedPassword,
|
||||||
|
AuthHash: &authHash,
|
||||||
|
Admin: isAdmin,
|
||||||
|
}); err != nil {
|
||||||
|
log.Error("CreateUser DB Error:", err)
|
||||||
|
apiErrorPage(c, http.StatusBadRequest, "Invalid User Data")
|
||||||
|
return
|
||||||
|
} else if rows == 0 {
|
||||||
log.Error("User Already Exists:", rUser.Username)
|
log.Error("User Already Exists:", rUser.Username)
|
||||||
apiErrorPage(c, http.StatusBadRequest, "User Already Exists")
|
apiErrorPage(c, http.StatusBadRequest, "User Already Exists")
|
||||||
return
|
return
|
||||||
|
|||||||
@ -26,8 +26,8 @@ VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
|||||||
RETURNING *;
|
RETURNING *;
|
||||||
|
|
||||||
-- name: CreateUser :execrows
|
-- name: CreateUser :execrows
|
||||||
INSERT INTO users (id, pass, auth_hash)
|
INSERT INTO users (id, pass, auth_hash, admin)
|
||||||
VALUES (?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
ON CONFLICT DO NOTHING;
|
ON CONFLICT DO NOTHING;
|
||||||
|
|
||||||
-- name: DeleteDocument :execrows
|
-- name: DeleteDocument :execrows
|
||||||
|
|||||||
@ -113,8 +113,8 @@ func (q *Queries) AddMetadata(ctx context.Context, arg AddMetadataParams) (Metad
|
|||||||
}
|
}
|
||||||
|
|
||||||
const createUser = `-- name: CreateUser :execrows
|
const createUser = `-- name: CreateUser :execrows
|
||||||
INSERT INTO users (id, pass, auth_hash)
|
INSERT INTO users (id, pass, auth_hash, admin)
|
||||||
VALUES (?, ?, ?)
|
VALUES (?, ?, ?, ?)
|
||||||
ON CONFLICT DO NOTHING
|
ON CONFLICT DO NOTHING
|
||||||
`
|
`
|
||||||
|
|
||||||
@ -122,10 +122,16 @@ type CreateUserParams struct {
|
|||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
Pass *string `json:"-"`
|
Pass *string `json:"-"`
|
||||||
AuthHash *string `json:"auth_hash"`
|
AuthHash *string `json:"auth_hash"`
|
||||||
|
Admin bool `json:"-"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (int64, error) {
|
func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (int64, error) {
|
||||||
result, err := q.db.ExecContext(ctx, createUser, arg.ID, arg.Pass, arg.AuthHash)
|
result, err := q.db.ExecContext(ctx, createUser,
|
||||||
|
arg.ID,
|
||||||
|
arg.Pass,
|
||||||
|
arg.AuthHash,
|
||||||
|
arg.Admin,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user