From a7d8e69dfd40536fc8abaa6125b290c6779bb3d6 Mon Sep 17 00:00:00 2001 From: Philipp Heckel Date: Mon, 20 Jun 2022 16:03:39 -0400 Subject: [PATCH] Refine NTFY_PASSWORD logic --- cmd/user.go | 50 ++++++++++++++++++++++++++++++++---------------- docs/releases.md | 2 ++ 2 files changed, 35 insertions(+), 17 deletions(-) diff --git a/cmd/user.go b/cmd/user.go index f94f6250..da88d459 100644 --- a/cmd/user.go +++ b/cmd/user.go @@ -6,6 +6,7 @@ import ( "crypto/subtle" "errors" "fmt" + "os" "strings" "github.com/urfave/cli/v2" @@ -37,11 +38,10 @@ var cmdUser = &cli.Command{ Name: "add", Aliases: []string{"a"}, Usage: "Adds a new user", - UsageText: "ntfy user add [--role=admin|user] USERNAME", + UsageText: "ntfy user add [--role=admin|user] USERNAME\nNTFY_PASSWORD=... ntfy user add [--role=admin|user] USERNAME", Action: execUserAdd, Flags: []cli.Flag{ &cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"}, - &cli.StringFlag{Name: "password", Aliases: []string{"p"}, EnvVars: []string{"NTFY_PASSWORD"}, Usage: "user password"}, }, Description: `Add a new user to the ntfy user database. @@ -50,8 +50,12 @@ granted otherwise by the auth-default-access setting). An admin user has read an topics. Examples: - ntfy user add phil # Add regular user phil - ntfy user add --role=admin phil # Add admin user phil + ntfy user add phil # Add regular user phil + ntfy user add --role=admin phil # Add admin user phil + NTFY_PASSWORD=... ntfy user add phil # Add user, using env variable to set password (for scripts) + +You may set the NTFY_PASSWORD environment variable to pass the password. This is useful if +you are creating users via scripts. `, }, { @@ -70,7 +74,7 @@ Example: Name: "change-pass", Aliases: []string{"chp"}, Usage: "Changes a user's password", - UsageText: "ntfy user change-pass USERNAME", + UsageText: "ntfy user change-pass USERNAME\nNTFY_PASSWORD=... ntfy user change-pass USERNAME", Action: execUserChangePass, Description: `Change the password for the given user. @@ -78,7 +82,12 @@ The new password will be read from STDIN, and it'll be confirmed by typing it twice. Example: - ntfy user change-pass phil + ntfy user change-pass phil + NTFY_PASSWORD=.. ntfy user change-pass phil + +You may set the NTFY_PASSWORD environment variable to pass the new password. This is +useful if you are updating users via scripts. + `, }, { @@ -127,19 +136,24 @@ The command allows you to add/remove/change users in the ntfy user database, as passwords or roles. Examples: - ntfy user list # Shows list of users (alias: 'ntfy access') - ntfy user add phil # Add regular user phil - ntfy user add --role=admin phil # Add admin user phil - ntfy user del phil # Delete user phil - ntfy user change-pass phil # Change password for user phil - ntfy user change-role phil admin # Make user phil an admin + ntfy user list # Shows list of users (alias: 'ntfy access') + ntfy user add phil # Add regular user phil + NTFY_PASSWORD=... ntfy user add phil # As above, using env variable to set password (for scripts) + ntfy user add --role=admin phil # Add admin user phil + ntfy user del phil # Delete user phil + ntfy user change-pass phil # Change password for user phil + NTFY_PASSWORD=.. ntfy user change-pass phil # As above, using env variable to set password (for scripts) + ntfy user change-role phil admin # Make user phil an admin + +For the 'ntfy user add' and 'ntfy user change-pass' commands, you may set the NTFY_PASSWORD environment +variable to pass the new password. This is useful if you are creating/updating users via scripts. `, } func execUserAdd(c *cli.Context) error { username := c.Args().Get(0) role := auth.Role(c.String("role")) - password := c.String("password") + password := os.Getenv("NTFY_PASSWORD") if username == "" { return errors.New("username expected, type 'ntfy user add --help' for help") } else if username == userEveryone { @@ -154,7 +168,6 @@ func execUserAdd(c *cli.Context) error { if user, _ := manager.User(username); user != nil { return fmt.Errorf("user %s already exists", username) } - // If the password env var was not set, read it from stdin if password == "" { p, err := readPasswordAndConfirm(c) if err != nil { @@ -193,6 +206,7 @@ func execUserDel(c *cli.Context) error { func execUserChangePass(c *cli.Context) error { username := c.Args().Get(0) + password := os.Getenv("NTFY_PASSWORD") if username == "" { return errors.New("username expected, type 'ntfy user change-pass --help' for help") } else if username == userEveryone { @@ -205,9 +219,11 @@ func execUserChangePass(c *cli.Context) error { if _, err := manager.User(username); err == auth.ErrNotFound { return fmt.Errorf("user %s does not exist", username) } - password, err := readPasswordAndConfirm(c) - if err != nil { - return err + if password == "" { + password, err = readPasswordAndConfirm(c) + if err != nil { + return err + } } if err := manager.ChangePassword(username, password); err != nil { return err diff --git a/docs/releases.md b/docs/releases.md index 935f5950..63fff818 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -9,6 +9,7 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release **Features:** * Trace: Log entire HTTP request to simplify debugging (no ticket) +* Allow setting user password via `NTFY_PASSWORD` env variable ([#327](https://github.com/binwiederhier/ntfy/pull/327), thanks to [@Kenix3](https://github.com/Kenix3)) **Bugs:** @@ -16,6 +17,7 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release * Disallow setting `upstream-base-url` to the same value as `base-url` ([#334](https://github.com/binwiederhier/ntfy/issues/334), thanks to [@oester](https://github.com/oester) for reporting) * Fix `since=` implementation for multiple topics ([#336](https://github.com/binwiederhier/ntfy/issues/336), thanks to [@karmanyaahm](https://github.com/karmanyaahm) for reporting) + ## ntfy Android app v1.14.0 (UNRELEASED) **Features:**