diff options
| author | metamuffin <metamuffin@disroot.org> | 2023-12-26 22:37:29 +0100 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2023-12-26 22:37:29 +0100 |
| commit | f0a1e6615c147f740ee1ec0bb6f06ca9e450cc98 (patch) | |
| tree | 91f9c893f3eadf811d2626f4c6166f4ba38bdc22 | |
| parent | 2ff2d07b5ed265d0f4ce095002484fe771e51dae (diff) | |
| download | jellything-f0a1e6615c147f740ee1ec0bb6f06ca9e450cc98.tar jellything-f0a1e6615c147f740ee1ec0bb6f06ca9e450cc98.tar.bz2 jellything-f0a1e6615c147f740ee1ec0bb6f06ca9e450cc98.tar.zst | |
disable admin account by default for sane default config
| -rw-r--r-- | common/src/config.rs | 10 | ||||
| -rw-r--r-- | server/src/main.rs | 47 | ||||
| -rw-r--r-- | tool/src/main.rs | 12 |
3 files changed, 35 insertions, 34 deletions
diff --git a/common/src/config.rs b/common/src/config.rs index a520fe0..7328d6e 100644 --- a/common/src/config.rs +++ b/common/src/config.rs @@ -20,10 +20,10 @@ pub struct GlobalConfig { #[serde(default = "default::temp_path")] pub temp_path: PathBuf, #[serde(default = "default::cache_path")] pub cache_path: PathBuf, #[serde(default = "default::media_path")] pub media_path: PathBuf, - #[serde(default = "default::admin_username")] pub admin_username: String, #[serde(default = "default::transcoding_profiles")] pub transcoding_profiles: Vec<EncodingProfile>, #[serde(default = "default::max_in_memory_cache_size")] pub max_in_memory_cache_size: usize, - pub admin_password: String, + #[serde(default)] pub admin_username: Option<String>, + #[serde(default)] pub admin_password: Option<String>, #[serde(default)] pub cookie_key: Option<String>, #[serde(default)] pub session_key: Option<String>, #[serde(default = "default::login_expire")] pub login_expire: i64, @@ -33,13 +33,9 @@ pub struct GlobalConfig { } mod default { - use std::path::PathBuf; - use crate::jhls::EncodingProfile; + use std::path::PathBuf; - pub fn admin_username() -> String { - "admin".into() - } pub fn login_expire() -> i64 { 60 * 60 * 24 } diff --git a/server/src/main.rs b/server/src/main.rs index d9ddf8b..acb8c87 100644 --- a/server/src/main.rs +++ b/server/src/main.rs @@ -5,12 +5,13 @@ */ #![feature(lazy_cell)] #![feature(int_roundings)] +#![feature(let_chains)] use crate::routes::ui::{account::hash_password, admin::log::enable_logging}; use database::Database; -use jellybase::{CONF, federation::Federation}; +use jellybase::{federation::Federation, CONF}; use jellycommon::user::{PermissionSet, Theme, User}; -use log::{error, warn}; +use log::{error, warn, info}; use routes::build_rocket; use tokio::fs::create_dir_all; @@ -27,29 +28,31 @@ async fn main() { let database = Database::open(&CONF.database_path).unwrap(); let federation = Federation::initialize(); - database - .user - .fetch_and_update(&CONF.admin_username, |admin| { - Some(User { - admin: true, - name: CONF.admin_username.clone(), - password: hash_password(&CONF.admin_username, &CONF.admin_password), - ..admin.unwrap_or_else(|| User { - name: Default::default(), - display_name: "Admin".to_string(), - password: Default::default(), - admin: Default::default(), - theme: Theme::Dark, - permissions: PermissionSet::default(), + if let Some(username) = &CONF.admin_username + && let Some(password) = &CONF.admin_password + { + database + .user + .fetch_and_update(&username, |admin| { + Some(User { + admin: true, + name: username.clone(), + password: hash_password(&username, &password), + ..admin.unwrap_or_else(|| User { + name: Default::default(), + display_name: "Admin".to_string(), + password: Default::default(), + admin: Default::default(), + theme: Theme::Dark, + permissions: PermissionSet::default(), + }) }) }) - }) - .unwrap(); + .unwrap(); + } else { + info!("admin account disabled") + } - // if let Err(err) = import::import(&database, &federation).await { - // log::error!("import not sucessful: {err:?}") - // } - let r = build_rocket(database, federation).launch().await; match r { Ok(_) => warn!("server shutdown"), diff --git a/tool/src/main.rs b/tool/src/main.rs index f199761..c220a08 100644 --- a/tool/src/main.rs +++ b/tool/src/main.rs @@ -109,8 +109,6 @@ fn main() -> anyhow::Result<()> { base64::engine::general_purpose::STANDARD .encode([(); 32].map(|_| random())), ), - admin_username: "admin".to_string(), - admin_password: "hackme".to_string(), login_expire: 10, ..Default::default() }, @@ -129,7 +127,7 @@ fn main() -> anyhow::Result<()> { }, )?; info!("{brand:?} is ready!"); - warn!("please change the admin password."); + warn!("please add an admin password to login."); Ok(()) } a @ Action::Migrate { .. } => migrate(a), @@ -145,8 +143,12 @@ fn main() -> anyhow::Result<()> { .login(CreateSessionParams { drop_permissions: None, expire: None, - password: config.admin_password, - username: config.admin_username, + password: config + .admin_password + .ok_or(anyhow!("admin account required"))?, + username: config + .admin_username + .ok_or(anyhow!("admin account required"))?, }) .await?; |