mirror of
https://github.com/stonith404/pingvin-share.git
synced 2024-07-02 07:20:38 +02:00
fix: admin users were created while the setup wizard wasn't finished
This commit is contained in:
parent
7e91038a24
commit
ad92cfc852
|
@ -46,7 +46,6 @@ CREATE UNIQUE INDEX "ReverseShare_token_key" ON "ReverseShare"("token");
|
||||||
CREATE UNIQUE INDEX "ReverseShare_shareId_key" ON "ReverseShare"("shareId");
|
CREATE UNIQUE INDEX "ReverseShare_shareId_key" ON "ReverseShare"("shareId");
|
||||||
|
|
||||||
-- Custom migration
|
-- Custom migration
|
||||||
UPDATE Config SET `order` = 0 WHERE key = "SETUP_FINISHED";
|
|
||||||
UPDATE Config SET `order` = 0 WHERE key = "JWT_SECRET";
|
UPDATE Config SET `order` = 0 WHERE key = "JWT_SECRET";
|
||||||
UPDATE Config SET `order` = 0 WHERE key = "TOTP_SECRET";
|
UPDATE Config SET `order` = 0 WHERE key = "TOTP_SECRET";
|
||||||
|
|
||||||
|
@ -65,3 +64,4 @@ UPDATE Config SET `order` = 15 WHERE key = "SMTP_USERNAME";
|
||||||
UPDATE Config SET `order` = 16 WHERE key = "SMTP_PASSWORD";
|
UPDATE Config SET `order` = 16 WHERE key = "SMTP_PASSWORD";
|
||||||
|
|
||||||
INSERT INTO Config (`order`, `key`, `description`, `type`, `value`, `category`, `secret`, `updatedAt`) VALUES (11, "SMTP_ENABLED", "Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.", "boolean", IFNULL((SELECT value FROM Config WHERE key="ENABLE_SHARE_EMAIL_RECIPIENTS"), "false"), "smtp", 0, strftime('%s', 'now'));
|
INSERT INTO Config (`order`, `key`, `description`, `type`, `value`, `category`, `secret`, `updatedAt`) VALUES (11, "SMTP_ENABLED", "Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.", "boolean", IFNULL((SELECT value FROM Config WHERE key="ENABLE_SHARE_EMAIL_RECIPIENTS"), "false"), "smtp", 0, strftime('%s', 'now'));
|
||||||
|
INSERT INTO Config (`order`, `key`, `description`, `type`, `value`, `category`, `secret`, `updatedAt`, `locked`) VALUES (0, "SETUP_STATUS", "Status of the setup wizard", "string", IIF((SELECT value FROM Config WHERE key="SETUP_FINISHED") == "true", "FINISHED", "STARTED"), "internal", 0, strftime('%s', 'now'), 1);
|
|
@ -4,10 +4,10 @@ import * as crypto from "crypto";
|
||||||
const configVariables: Prisma.ConfigCreateInput[] = [
|
const configVariables: Prisma.ConfigCreateInput[] = [
|
||||||
{
|
{
|
||||||
order: 0,
|
order: 0,
|
||||||
key: "SETUP_FINISHED",
|
key: "SETUP_STATUS",
|
||||||
description: "Status of the setup wizard",
|
description: "Status of the setup wizard",
|
||||||
type: "boolean",
|
type: "string",
|
||||||
value: "false",
|
value: "STARTED", // STARTED, REGISTERED, FINISHED
|
||||||
category: "internal",
|
category: "internal",
|
||||||
secret: false,
|
secret: false,
|
||||||
locked: true,
|
locked: true,
|
||||||
|
|
|
@ -23,6 +23,8 @@ export class AuthService {
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
async signUp(dto: AuthRegisterDTO) {
|
async signUp(dto: AuthRegisterDTO) {
|
||||||
|
const isFirstUser = this.config.get("SETUP_STATUS") == "STARTED";
|
||||||
|
|
||||||
const hash = await argon.hash(dto.password);
|
const hash = await argon.hash(dto.password);
|
||||||
try {
|
try {
|
||||||
const user = await this.prisma.user.create({
|
const user = await this.prisma.user.create({
|
||||||
|
@ -30,10 +32,14 @@ export class AuthService {
|
||||||
email: dto.email,
|
email: dto.email,
|
||||||
username: dto.username,
|
username: dto.username,
|
||||||
password: hash,
|
password: hash,
|
||||||
isAdmin: !this.config.get("SETUP_FINISHED"),
|
isAdmin: isFirstUser,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if (isFirstUser) {
|
||||||
|
await this.config.changeSetupStatus("REGISTERED");
|
||||||
|
}
|
||||||
|
|
||||||
const { refreshToken, refreshTokenId } = await this.createRefreshToken(
|
const { refreshToken, refreshTokenId } = await this.createRefreshToken(
|
||||||
user.id
|
user.id
|
||||||
);
|
);
|
||||||
|
|
|
@ -37,7 +37,7 @@ export class ConfigController {
|
||||||
@Post("admin/finishSetup")
|
@Post("admin/finishSetup")
|
||||||
@UseGuards(JwtGuard, AdministratorGuard)
|
@UseGuards(JwtGuard, AdministratorGuard)
|
||||||
async finishSetup() {
|
async finishSetup() {
|
||||||
return await this.configService.finishSetup();
|
return await this.configService.changeSetupStatus("FINISHED");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("admin/testEmail")
|
@Post("admin/testEmail")
|
||||||
|
|
|
@ -76,10 +76,10 @@ export class ConfigService {
|
||||||
return updatedVariable;
|
return updatedVariable;
|
||||||
}
|
}
|
||||||
|
|
||||||
async finishSetup() {
|
async changeSetupStatus(status: "STARTED" | "REGISTERED" | "FINISHED") {
|
||||||
return await this.prisma.config.update({
|
return await this.prisma.config.update({
|
||||||
where: { key: "SETUP_FINISHED" },
|
where: { key: "SETUP_STATUS" },
|
||||||
data: { value: "true" },
|
data: { value: status },
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -112,15 +112,7 @@ const AdminConfigTable = () => {
|
||||||
<Group position="right">
|
<Group position="right">
|
||||||
<Button
|
<Button
|
||||||
onClick={() => {
|
onClick={() => {
|
||||||
if (config.get("SETUP_FINISHED")) {
|
if (config.get("SETUP_STATUS") == "REGISTERED") {
|
||||||
configService
|
|
||||||
.updateMany(updatedConfigVariables)
|
|
||||||
.then(() => {
|
|
||||||
updatedConfigVariables = [];
|
|
||||||
toast.success("Configurations updated successfully");
|
|
||||||
})
|
|
||||||
.catch(toast.axiosError);
|
|
||||||
} else {
|
|
||||||
configService
|
configService
|
||||||
.updateMany(updatedConfigVariables)
|
.updateMany(updatedConfigVariables)
|
||||||
.then(async () => {
|
.then(async () => {
|
||||||
|
@ -128,6 +120,14 @@ const AdminConfigTable = () => {
|
||||||
window.location.reload();
|
window.location.reload();
|
||||||
})
|
})
|
||||||
.catch(toast.axiosError);
|
.catch(toast.axiosError);
|
||||||
|
} else {
|
||||||
|
configService
|
||||||
|
.updateMany(updatedConfigVariables)
|
||||||
|
.then(() => {
|
||||||
|
updatedConfigVariables = [];
|
||||||
|
toast.success("Configurations updated successfully");
|
||||||
|
})
|
||||||
|
.catch(toast.axiosError);
|
||||||
}
|
}
|
||||||
}}
|
}}
|
||||||
>
|
>
|
||||||
|
|
|
@ -46,15 +46,24 @@ function App({ Component, pageProps }: AppProps) {
|
||||||
getInitalData();
|
getInitalData();
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
|
// Redirect to setup page if setup is not completed
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (
|
if (
|
||||||
configVariables &&
|
configVariables &&
|
||||||
configVariables.filter((variable) => variable.key)[0].value == "false" &&
|
|
||||||
!["/auth/signUp", "/admin/setup"].includes(router.asPath)
|
!["/auth/signUp", "/admin/setup"].includes(router.asPath)
|
||||||
) {
|
) {
|
||||||
router.push(!user ? "/auth/signUp" : "/admin/setup");
|
const setupStatus = configVariables.filter(
|
||||||
|
(variable) => variable.key == "SETUP_STATUS"
|
||||||
|
)[0].value;
|
||||||
|
if (setupStatus == "STARTED") {
|
||||||
|
router.replace("/auth/signUp");
|
||||||
|
} else if (user && setupStatus == "REGISTERED") {
|
||||||
|
router.replace("/admin/setup");
|
||||||
|
} else if (setupStatus == "REGISTERED") {
|
||||||
|
router.replace("/auth/signIn");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}, [router.asPath]);
|
}, [configVariables, router.asPath]);
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
setColorScheme(
|
setColorScheme(
|
||||||
|
|
|
@ -15,7 +15,7 @@ const Setup = () => {
|
||||||
if (!user) {
|
if (!user) {
|
||||||
router.push("/auth/signUp");
|
router.push("/auth/signUp");
|
||||||
return;
|
return;
|
||||||
} else if (config.get("SETUP_FINISHED")) {
|
} else if (config.get("SETUP_STATUS") == "FINISHED") {
|
||||||
router.push("/");
|
router.push("/");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user