Set initial admin password if configured

Resolves #806 (Allow admins to configure the initial password of the admin user)
Closes #809 PR (Allow to configure initial admin pw)
This commit is contained in:
Igor Scheller 2021-05-23 11:24:01 +02:00
parent d7eb3b9c5b
commit 3912b4e93e
6 changed files with 63 additions and 5 deletions

View File

@ -313,11 +313,12 @@ deploy:
- export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1) - export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1)
- export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)') - export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)')
- export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE - export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE
# Any available storage class like longhorn # Any available storage class like default, local-path (if you know what you are doing ;), longhorn etc.
- export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"} - export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"}
- export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}} - export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}}
- export CI_APP_NAME=${CI_APP_NAME:-Engelsystem} - export CI_APP_NAME=${CI_APP_NAME:-Engelsystem}
- export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt} - export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt}
- export CI_SETUP_ADMIN_PASSWORD=${CI_SETUP_ADMIN_PASSWORD}
- cp deployment.tpl.yaml deployment.yaml - cp deployment.tpl.yaml deployment.yaml
- for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done - for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done

View File

@ -66,6 +66,9 @@ return [
'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'), 'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'),
], ],
// Initial admin password
'setup_admin_password' => env('SETUP_ADMIN_PASSWORD', null),
'oauth' => [ 'oauth' => [
// '[name]' => [config] // '[name]' => [config]
/* /*

View File

@ -0,0 +1,48 @@
<?php
namespace Engelsystem\Migrations;
use Engelsystem\Config\Config;
use Engelsystem\Database\Migration\Migration;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Models\User\User;
use Illuminate\Database\Schema\Builder as SchemaBuilder;
class SetAdminPassword extends Migration
{
use Reference;
/** @var Authenticator */
protected $auth;
/** @var Config */
protected $config;
/**
* @param SchemaBuilder $schemaBuilder
* @param Authenticator $auth
* @param Config $config
*/
public function __construct(SchemaBuilder $schemaBuilder, Authenticator $auth, Config $config)
{
parent::__construct($schemaBuilder);
$this->auth = $auth;
$this->config = $config;
}
/**
* Run the migration
*/
public function up()
{
/** @var User $admin */
$admin = $this->auth->authenticate('admin', 'asdfasdf');
$setupPassword = $this->config->get('setup_admin_password');
if (!$admin || !$setupPassword) {
return;
}
$this->auth->setPassword($admin, $setupPassword);
}
}

View File

@ -127,6 +127,8 @@ spec:
value: engelsystem value: engelsystem
- name: MYSQL_PASSWORD - name: MYSQL_PASSWORD
value: engelsystem value: engelsystem
- name: SETUP_ADMIN_PASSWORD
value: '<CI_SETUP_ADMIN_PASSWORD>'
containers: containers:
- image: <CI_IMAGE> - image: <CI_IMAGE>
name: engelsystem-fpm name: engelsystem-fpm

View File

@ -175,7 +175,7 @@ class Authenticator
} }
/** /**
* @param UserRepository $user * @param User $user
* @param string $password * @param string $password
*/ */
public function setPassword(User $user, string $password) public function setPassword(User $user, string $password)

View File

@ -5,8 +5,10 @@ namespace Engelsystem\Test\Unit;
use Engelsystem\Database\Database; use Engelsystem\Database\Database;
use Engelsystem\Database\Migration\Migrate; use Engelsystem\Database\Migration\Migrate;
use Engelsystem\Database\Migration\MigrationServiceProvider; use Engelsystem\Database\Migration\MigrationServiceProvider;
use Engelsystem\Http\Request;
use Illuminate\Database\Capsule\Manager as CapsuleManager; use Illuminate\Database\Capsule\Manager as CapsuleManager;
use PDO; use PDO;
use Psr\Http\Message\ServerRequestInterface;
trait HasDatabase trait HasDatabase
{ {
@ -29,6 +31,8 @@ trait HasDatabase
$this->app->instance(Database::class, $this->database); $this->app->instance(Database::class, $this->database);
$this->app->register(MigrationServiceProvider::class); $this->app->register(MigrationServiceProvider::class);
$this->app->instance(ServerRequestInterface::class, new Request());
/** @var Migrate $migration */ /** @var Migrate $migration */
$migration = $this->app->get('db.migration'); $migration = $this->app->get('db.migration');
$migration->initMigration(); $migration->initMigration();