Add user now supports reading password from an env var.
This commit is contained in:
Kenix
parent
feef15c485
commit
3dec7efadb
46
cmd/user.go
46
cmd/user.go
|
|
@ -6,11 +6,12 @@ import (
|
||||||
"crypto/subtle"
|
"crypto/subtle"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
"github.com/urfave/cli/v2/altsrc"
|
"github.com/urfave/cli/v2/altsrc"
|
||||||
"heckel.io/ntfy/auth"
|
"heckel.io/ntfy/auth"
|
||||||
"heckel.io/ntfy/util"
|
"heckel.io/ntfy/util"
|
||||||
"strings"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
|
@ -40,6 +41,7 @@ var cmdUser = &cli.Command{
|
||||||
Action: execUserAdd,
|
Action: execUserAdd,
|
||||||
Flags: []cli.Flag{
|
Flags: []cli.Flag{
|
||||||
&cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"},
|
&cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"},
|
||||||
|
&cli.StringFlag{Name: "user", Aliases: []string{"u"}, EnvVars: []string{"NTFY_USER"}, Usage: "username[:password] used to auth against the server"},
|
||||||
},
|
},
|
||||||
Description: `Add a new user to the ntfy user database.
|
Description: `Add a new user to the ntfy user database.
|
||||||
|
|
||||||
|
|
@ -135,14 +137,38 @@ Examples:
|
||||||
}
|
}
|
||||||
|
|
||||||
func execUserAdd(c *cli.Context) error {
|
func execUserAdd(c *cli.Context) error {
|
||||||
username := c.Args().Get(0)
|
var username string
|
||||||
|
var password string
|
||||||
|
userAndPass := c.String("user")
|
||||||
role := auth.Role(c.String("role"))
|
role := auth.Role(c.String("role"))
|
||||||
if username == "" {
|
if userAndPass != "" {
|
||||||
return errors.New("username expected, type 'ntfy user add --help' for help")
|
parts := strings.SplitN(userAndPass, ":", 2)
|
||||||
} else if username == userEveryone {
|
if len(parts) == 2 {
|
||||||
return errors.New("username not allowed")
|
username = parts[0]
|
||||||
} else if !auth.AllowedRole(role) {
|
password = parts[1]
|
||||||
return errors.New("role must be either 'user' or 'admin'")
|
} else {
|
||||||
|
p, err := readPasswordAndConfirm(c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
username = userAndPass
|
||||||
|
password = p
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
username = c.Args().Get(0)
|
||||||
|
if username == "" {
|
||||||
|
return errors.New("username expected, type 'ntfy user add --help' for help")
|
||||||
|
} else if username == userEveryone {
|
||||||
|
return errors.New("username not allowed")
|
||||||
|
} else if !auth.AllowedRole(role) {
|
||||||
|
return errors.New("role must be either 'user' or 'admin'")
|
||||||
|
}
|
||||||
|
|
||||||
|
p, err := readPasswordAndConfirm(c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
password = p
|
||||||
}
|
}
|
||||||
manager, err := createAuthManager(c)
|
manager, err := createAuthManager(c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -151,10 +177,6 @@ func execUserAdd(c *cli.Context) error {
|
||||||
if user, _ := manager.User(username); user != nil {
|
if user, _ := manager.User(username); user != nil {
|
||||||
return fmt.Errorf("user %s already exists", username)
|
return fmt.Errorf("user %s already exists", username)
|
||||||
}
|
}
|
||||||
password, err := readPasswordAndConfirm(c)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
if err := manager.AddUser(username, password, role); err != nil {
|
if err := manager.AddUser(username, password, role); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue