From 3dec7efadb418bc065f6aa856e7196cd5a12b65d Mon Sep 17 00:00:00 2001 From: Kenix Date: Wed, 15 Jun 2022 11:42:22 -0400 Subject: [PATCH 1/6] Add user now supports reading password from an env var. --- cmd/user.go | 46 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 34 insertions(+), 12 deletions(-) diff --git a/cmd/user.go b/cmd/user.go index acc06d4c..5a5b1f9c 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -6,11 +6,12 @@ import ( "crypto/subtle" "errors" "fmt" + "strings" + "github.com/urfave/cli/v2" "github.com/urfave/cli/v2/altsrc" "heckel.io/ntfy/auth" "heckel.io/ntfy/util" - "strings" ) func init() { @@ -40,6 +41,7 @@ var cmdUser = &cli.Command{ Action: execUserAdd, Flags: []cli.Flag{ &cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"}, + &cli.StringFlag{Name: "user", Aliases: []string{"u"}, EnvVars: []string{"NTFY_USER"}, Usage: "username[:password] used to auth against the server"}, }, Description: `Add a new user to the ntfy user database. @@ -135,14 +137,38 @@ Examples: } func execUserAdd(c *cli.Context) error { - username := c.Args().Get(0) + var username string + var password string + userAndPass := c.String("user") role := auth.Role(c.String("role")) - if username == "" { - return errors.New("username expected, type 'ntfy user add --help' for help") - } else if username == userEveryone { - return errors.New("username not allowed") - } else if !auth.AllowedRole(role) { - return errors.New("role must be either 'user' or 'admin'") + if userAndPass != "" { + parts := strings.SplitN(userAndPass, ":", 2) + if len(parts) == 2 { + username = parts[0] + password = parts[1] + } else { + p, err := readPasswordAndConfirm(c) + if err != nil { + return err + } + username = userAndPass + password = p + } + } else { + username = c.Args().Get(0) + if username == "" { + return errors.New("username expected, type 'ntfy user add --help' for help") + } else if username == userEveryone { + return errors.New("username not allowed") + } else if !auth.AllowedRole(role) { + return errors.New("role must be either 'user' or 'admin'") + } + + p, err := readPasswordAndConfirm(c) + if err != nil { + return err + } + password = p } manager, err := createAuthManager(c) if err != nil { @@ -151,10 +177,6 @@ func execUserAdd(c *cli.Context) error { if user, _ := manager.User(username); user != nil { return fmt.Errorf("user %s already exists", username) } - password, err := readPasswordAndConfirm(c) - if err != nil { - return err - } if err := manager.AddUser(username, password, role); err != nil { return err } From 1265e69eee40818e96a89fe4d5011ffb442cb089 Mon Sep 17 00:00:00 2001 From: Kenix Date: Mon, 20 Jun 2022 13:19:54 -0400 Subject: [PATCH 2/6] Changes user add to use a NTFY_PASSWORD env var rather than NTFY_USER. --- cmd/user.go | 40 ++++++++++++++-------------------------- 1 file changed, 14 insertions(+), 26 deletions(-) diff --git a/cmd/user.go b/cmd/user.go index 5a5b1f9c..08605198 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -41,7 +41,7 @@ var cmdUser = &cli.Command{ Action: execUserAdd, Flags: []cli.Flag{ &cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"}, - &cli.StringFlag{Name: "user", Aliases: []string{"u"}, EnvVars: []string{"NTFY_USER"}, Usage: "username[:password] used to auth against the server"}, + &cli.StringFlag{Name: "password", Aliases: []string{"p"}, EnvVars: []string{"NTFY_PASSWORD"}, Usage: "user password"}, }, Description: `Add a new user to the ntfy user database. @@ -137,39 +137,27 @@ Examples: } func execUserAdd(c *cli.Context) error { - var username string - var password string - userAndPass := c.String("user") + password := c.String("user") role := auth.Role(c.String("role")) - if userAndPass != "" { - parts := strings.SplitN(userAndPass, ":", 2) - if len(parts) == 2 { - username = parts[0] - password = parts[1] - } else { - p, err := readPasswordAndConfirm(c) - if err != nil { - return err - } - username = userAndPass - password = p - } - } else { - username = c.Args().Get(0) - if username == "" { - return errors.New("username expected, type 'ntfy user add --help' for help") - } else if username == userEveryone { - return errors.New("username not allowed") - } else if !auth.AllowedRole(role) { - return errors.New("role must be either 'user' or 'admin'") - } + username = c.Args().Get(0) + if username == "" { + return errors.New("username expected, type 'ntfy user add --help' for help") + } else if username == userEveryone { + return errors.New("username not allowed") + } else if !auth.AllowedRole(role) { + return errors.New("role must be either 'user' or 'admin'") + } + // If the password env var was not set, read it from stdin + if password == "" { p, err := readPasswordAndConfirm(c) if err != nil { return err } + password = p } + manager, err := createAuthManager(c) if err != nil { return err From 50cd50cfdf1857596cdb9d23ba703695966a0c84 Mon Sep 17 00:00:00 2001 From: Kenix Date: Mon, 20 Jun 2022 13:24:42 -0400 Subject: [PATCH 3/6] Moves password stdin down to the original location. --- cmd/user.go | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/cmd/user.go b/cmd/user.go index 08605198..e9bc7b2e 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -147,7 +147,13 @@ func execUserAdd(c *cli.Context) error { } else if !auth.AllowedRole(role) { return errors.New("role must be either 'user' or 'admin'") } - + manager, err := createAuthManager(c) + if err != nil { + return err + } + if user, _ := manager.User(username); user != nil { + return fmt.Errorf("user %s already exists", username) + } // If the password env var was not set, read it from stdin if password == "" { p, err := readPasswordAndConfirm(c) @@ -157,14 +163,6 @@ func execUserAdd(c *cli.Context) error { password = p } - - manager, err := createAuthManager(c) - if err != nil { - return err - } - if user, _ := manager.User(username); user != nil { - return fmt.Errorf("user %s already exists", username) - } if err := manager.AddUser(username, password, role); err != nil { return err } From 727c6268b91a3deaf20c284a55701b9fedb312e6 Mon Sep 17 00:00:00 2001 From: Kenix Date: Mon, 20 Jun 2022 13:25:31 -0400 Subject: [PATCH 4/6] Updating order of variables ntfy user add command. --- cmd/user.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/user.go b/cmd/user.go index e9bc7b2e..07970fde 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -137,9 +137,9 @@ Examples: } func execUserAdd(c *cli.Context) error { - password := c.String("user") - role := auth.Role(c.String("role")) username = c.Args().Get(0) + role := auth.Role(c.String("role")) + password := c.String("user") if username == "" { return errors.New("username expected, type 'ntfy user add --help' for help") } else if username == userEveryone { From 7de7e0de1246752d421c977a57147ea1f3f9e474 Mon Sep 17 00:00:00 2001 From: Kenix Date: Mon, 20 Jun 2022 13:26:13 -0400 Subject: [PATCH 5/6] Adds missing colon assignment for username variable in ntfy user add command. --- cmd/user.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/user.go b/cmd/user.go index 07970fde..d4d543fe 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -137,7 +137,7 @@ Examples: } func execUserAdd(c *cli.Context) error { - username = c.Args().Get(0) + username := c.Args().Get(0) role := auth.Role(c.String("role")) password := c.String("user") if username == "" { From f3e59618921e02ad35e046e2ac86e1561dd85564 Mon Sep 17 00:00:00 2001 From: Kenix3 Date: Mon, 20 Jun 2022 14:21:30 -0400 Subject: [PATCH 6/6] Fixes envvar fetch in ntfy user add for password --- cmd/user.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/user.go b/cmd/user.go index d4d543fe..f94f6250 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -139,7 +139,7 @@ Examples: func execUserAdd(c *cli.Context) error { username := c.Args().Get(0) role := auth.Role(c.String("role")) - password := c.String("user") + password := c.String("password") if username == "" { return errors.New("username expected, type 'ntfy user add --help' for help") } else if username == userEveryone {