mirror of
https://github.com/fosrl/pangolin.git
synced 2025-08-22 02:08:31 +02:00
69baa6785f
- Add setupTokens database table with proper schema - Implement setup token generation on first server startup - Add token validation endpoint and modify admin creation - Update initial setup page to require setup token - Add migration scripts for both SQLite and PostgreSQL - Add internationalization support for setup token fields - Implement proper error handling and logging - Add CLI command for resetting user security keys This prevents unauthorized access during initial server setup by requiring a token that is generated and displayed in the server console.
35 lines
No EOL
971 B
TypeScript
35 lines
No EOL
971 B
TypeScript
import { APP_PATH } from "@server/lib/consts";
|
|
import Database from "better-sqlite3";
|
|
import path from "path";
|
|
|
|
const version = "1.9.0";
|
|
|
|
export default async function migration() {
|
|
console.log(`Running setup script ${version}...`);
|
|
|
|
const location = path.join(APP_PATH, "db", "db.sqlite");
|
|
const db = new Database(location);
|
|
|
|
try {
|
|
db.pragma("foreign_keys = OFF");
|
|
|
|
db.transaction(() => {
|
|
db.exec(`
|
|
CREATE TABLE 'setupTokens' (
|
|
'tokenId' text PRIMARY KEY NOT NULL,
|
|
'token' text NOT NULL,
|
|
'used' integer DEFAULT 0 NOT NULL,
|
|
'dateCreated' text NOT NULL,
|
|
'dateUsed' text
|
|
);
|
|
`);
|
|
})();
|
|
|
|
db.pragma("foreign_keys = ON");
|
|
|
|
console.log(`Added setupTokens table`);
|
|
} catch (e) {
|
|
console.log("Unable to add setupTokens table:", e);
|
|
throw e;
|
|
}
|
|
}
|