mirror of
https://github.com/stonith404/pingvin-share.git
synced 2024-06-30 06:30:11 +02:00
fix: admin users were created while the setup wizard wasn't finished
This commit is contained in:
parent
7e91038a24
commit
ad92cfc852
|
@ -46,7 +46,6 @@ CREATE UNIQUE INDEX "ReverseShare_token_key" ON "ReverseShare"("token");
|
|||
CREATE UNIQUE INDEX "ReverseShare_shareId_key" ON "ReverseShare"("shareId");
|
||||
|
||||
-- Custom migration
|
||||
UPDATE Config SET `order` = 0 WHERE key = "SETUP_FINISHED";
|
||||
UPDATE Config SET `order` = 0 WHERE key = "JWT_SECRET";
|
||||
UPDATE Config SET `order` = 0 WHERE key = "TOTP_SECRET";
|
||||
|
||||
|
@ -65,3 +64,4 @@ UPDATE Config SET `order` = 15 WHERE key = "SMTP_USERNAME";
|
|||
UPDATE Config SET `order` = 16 WHERE key = "SMTP_PASSWORD";
|
||||
|
||||
INSERT INTO Config (`order`, `key`, `description`, `type`, `value`, `category`, `secret`, `updatedAt`) VALUES (11, "SMTP_ENABLED", "Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.", "boolean", IFNULL((SELECT value FROM Config WHERE key="ENABLE_SHARE_EMAIL_RECIPIENTS"), "false"), "smtp", 0, strftime('%s', 'now'));
|
||||
INSERT INTO Config (`order`, `key`, `description`, `type`, `value`, `category`, `secret`, `updatedAt`, `locked`) VALUES (0, "SETUP_STATUS", "Status of the setup wizard", "string", IIF((SELECT value FROM Config WHERE key="SETUP_FINISHED") == "true", "FINISHED", "STARTED"), "internal", 0, strftime('%s', 'now'), 1);
|
|
@ -4,10 +4,10 @@ import * as crypto from "crypto";
|
|||
const configVariables: Prisma.ConfigCreateInput[] = [
|
||||
{
|
||||
order: 0,
|
||||
key: "SETUP_FINISHED",
|
||||
key: "SETUP_STATUS",
|
||||
description: "Status of the setup wizard",
|
||||
type: "boolean",
|
||||
value: "false",
|
||||
type: "string",
|
||||
value: "STARTED", // STARTED, REGISTERED, FINISHED
|
||||
category: "internal",
|
||||
secret: false,
|
||||
locked: true,
|
||||
|
|
|
@ -23,6 +23,8 @@ export class AuthService {
|
|||
) {}
|
||||
|
||||
async signUp(dto: AuthRegisterDTO) {
|
||||
const isFirstUser = this.config.get("SETUP_STATUS") == "STARTED";
|
||||
|
||||
const hash = await argon.hash(dto.password);
|
||||
try {
|
||||
const user = await this.prisma.user.create({
|
||||
|
@ -30,10 +32,14 @@ export class AuthService {
|
|||
email: dto.email,
|
||||
username: dto.username,
|
||||
password: hash,
|
||||
isAdmin: !this.config.get("SETUP_FINISHED"),
|
||||
isAdmin: isFirstUser,
|
||||
},
|
||||
});
|
||||
|
||||
if (isFirstUser) {
|
||||
await this.config.changeSetupStatus("REGISTERED");
|
||||
}
|
||||
|
||||
const { refreshToken, refreshTokenId } = await this.createRefreshToken(
|
||||
user.id
|
||||
);
|
||||
|
|
|
@ -37,7 +37,7 @@ export class ConfigController {
|
|||
@Post("admin/finishSetup")
|
||||
@UseGuards(JwtGuard, AdministratorGuard)
|
||||
async finishSetup() {
|
||||
return await this.configService.finishSetup();
|
||||
return await this.configService.changeSetupStatus("FINISHED");
|
||||
}
|
||||
|
||||
@Post("admin/testEmail")
|
||||
|
|
|
@ -76,10 +76,10 @@ export class ConfigService {
|
|||
return updatedVariable;
|
||||
}
|
||||
|
||||
async finishSetup() {
|
||||
async changeSetupStatus(status: "STARTED" | "REGISTERED" | "FINISHED") {
|
||||
return await this.prisma.config.update({
|
||||
where: { key: "SETUP_FINISHED" },
|
||||
data: { value: "true" },
|
||||
where: { key: "SETUP_STATUS" },
|
||||
data: { value: status },
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -112,15 +112,7 @@ const AdminConfigTable = () => {
|
|||
<Group position="right">
|
||||
<Button
|
||||
onClick={() => {
|
||||
if (config.get("SETUP_FINISHED")) {
|
||||
configService
|
||||
.updateMany(updatedConfigVariables)
|
||||
.then(() => {
|
||||
updatedConfigVariables = [];
|
||||
toast.success("Configurations updated successfully");
|
||||
})
|
||||
.catch(toast.axiosError);
|
||||
} else {
|
||||
if (config.get("SETUP_STATUS") == "REGISTERED") {
|
||||
configService
|
||||
.updateMany(updatedConfigVariables)
|
||||
.then(async () => {
|
||||
|
@ -128,6 +120,14 @@ const AdminConfigTable = () => {
|
|||
window.location.reload();
|
||||
})
|
||||
.catch(toast.axiosError);
|
||||
} else {
|
||||
configService
|
||||
.updateMany(updatedConfigVariables)
|
||||
.then(() => {
|
||||
updatedConfigVariables = [];
|
||||
toast.success("Configurations updated successfully");
|
||||
})
|
||||
.catch(toast.axiosError);
|
||||
}
|
||||
}}
|
||||
>
|
||||
|
|
|
@ -46,15 +46,24 @@ function App({ Component, pageProps }: AppProps) {
|
|||
getInitalData();
|
||||
}, []);
|
||||
|
||||
// Redirect to setup page if setup is not completed
|
||||
useEffect(() => {
|
||||
if (
|
||||
configVariables &&
|
||||
configVariables.filter((variable) => variable.key)[0].value == "false" &&
|
||||
!["/auth/signUp", "/admin/setup"].includes(router.asPath)
|
||||
) {
|
||||
router.push(!user ? "/auth/signUp" : "/admin/setup");
|
||||
const setupStatus = configVariables.filter(
|
||||
(variable) => variable.key == "SETUP_STATUS"
|
||||
)[0].value;
|
||||
if (setupStatus == "STARTED") {
|
||||
router.replace("/auth/signUp");
|
||||
} else if (user && setupStatus == "REGISTERED") {
|
||||
router.replace("/admin/setup");
|
||||
} else if (setupStatus == "REGISTERED") {
|
||||
router.replace("/auth/signIn");
|
||||
}
|
||||
}
|
||||
}, [router.asPath]);
|
||||
}, [configVariables, router.asPath]);
|
||||
|
||||
useEffect(() => {
|
||||
setColorScheme(
|
||||
|
|
|
@ -15,7 +15,7 @@ const Setup = () => {
|
|||
if (!user) {
|
||||
router.push("/auth/signUp");
|
||||
return;
|
||||
} else if (config.get("SETUP_FINISHED")) {
|
||||
} else if (config.get("SETUP_STATUS") == "FINISHED") {
|
||||
router.push("/");
|
||||
return;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user