998546cdc3
For Network and Channel, the database only needed to define one Store operation to create/update a record. However since User is missing an ID we couldn't have a single StoreUser function like other types. We had CreateUser and UpdatePassword. As new User fields get added (e.g. the upcoming Admin flag) this isn't sustainable. We could have CreateUser and UpdateUser, but this wouldn't be consistent with other types. Instead, introduce User.Created which indicates whether the record is already stored in the DB. This can be used in a new StoreUser function to decide whether we need to UPDATE or INSERT without relying on SQL constraints and INSERT OR UPDATE. The ListUsers and GetUser functions set User.Created to true.
package main
import (
"bufio"
"flag"
"fmt"
"log"
"os"
"git.sr.ht/~emersion/soju"
"git.sr.ht/~emersion/soju/config"
"golang.org/x/crypto/bcrypt"
"golang.org/x/crypto/ssh/terminal"
)
// usage is the help text for sojuctl. It lists the actions the tool accepts
// and is what flag.Usage prints once init has installed it.
const usage = `usage: sojuctl [-config path] <action> [options...]

create-user <username> Create a new user
change-password <username> Change password for a user
help Show this help message
`
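// init replaces the flag package's default usage output with the sojuctl
// usage text.
func init() {
	flag.Usage = func() {
		// The usage text is data, not a format string. Printing it verbatim
		// means a literal '%' added to it later is never parsed as a verb.
		fmt.Fprint(flag.CommandLine.Output(), usage)
	}
}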
// main parses the command line, loads the server configuration, opens the
// SQL database and runs the requested action.
//
// Supported actions are create-user, change-password and help. Both user
// actions read a password with readPassword, hash it with bcrypt and hand the
// record to db.StoreUser; only the bcrypt hash is stored, never the plaintext.
func main() {
	configPath := flag.String("config", "", "path to configuration file")
	flag.Parse()

	// Use the built-in defaults unless a configuration file was named.
	var cfg *config.Server
	if *configPath == "" {
		cfg = config.Defaults()
	} else {
		loaded, err := config.Load(*configPath)
		if err != nil {
			log.Fatalf("failed to load config file: %v", err)
		}
		cfg = loaded
	}

	// The database is opened before the action is validated, so every
	// action, including help, needs a database that can be opened.
	db, err := soju.OpenSQLDB(cfg.SQLDriver, cfg.SQLSource)
	if err != nil {
		log.Fatalf("failed to open database: %v", err)
	}

	switch action := flag.Arg(0); action {
	case "create-user", "change-password":
		// The two actions differ only in whether the record is marked as
		// already existing and in the message reported on failure.
		updating := action == "change-password"

		name := flag.Arg(1)
		if name == "" {
			flag.Usage()
			os.Exit(1)
		}

		plain, err := readPassword()
		if err != nil {
			log.Fatalf("failed to read password: %v", err)
		}

		// NOTE(review): bcrypt only considers the first 72 bytes of its
		// input; depending on the x/crypto version in use, longer passwords
		// are truncated or rejected. Confirm which applies here.
		digest, err := bcrypt.GenerateFromPassword(plain, bcrypt.DefaultCost)
		if err != nil {
			log.Fatalf("failed to hash password: %v", err)
		}

		// Created tells StoreUser whether the record is already in the
		// database (update) or still has to be inserted.
		// NOTE(review): StoreUser is not visible here. Confirm it returns an
		// error when the update matches no existing user, otherwise
		// change-password for an unknown username would appear to succeed.
		record := soju.User{
			Created:  updating,
			Username: name,
			Password: string(digest),
		}
		if err := db.StoreUser(&record); err != nil {
			if updating {
				log.Fatalf("failed to update password: %v", err)
			}
			log.Fatalf("failed to create user: %v", err)
		}
	default:
		// Anything other than an explicit "help" is a usage error.
		flag.Usage()
		if action != "help" {
			os.Exit(1)
		}
	}
}
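// readPassword obtains a password from standard input.
//
// When stdin is a terminal, the user is prompted and the input is read with
// terminal.ReadPassword, which does not echo what is typed. Otherwise a
// warning is written to stderr and a single line is read from stdin, for
// example from a pipe.
//
// An empty password is rejected on both paths, so pressing Enter at the
// interactive prompt cannot produce an account whose password is the empty
// string. A read failure on the non-terminal path is returned as such instead
// of being reported as a zero-length password.
//
// NOTE(review): golang.org/x/crypto/ssh/terminal is deprecated upstream in
// favour of golang.org/x/term; consider migrating when dependencies are next
// updated.
func readPassword() ([]byte, error) {
	var password []byte
	fd := int(os.Stdin.Fd())

	if terminal.IsTerminal(fd) {
		fmt.Printf("Password: ")
		var err error
		password, err = terminal.ReadPassword(fd)
		if err != nil {
			return nil, err
		}
		// ReadPassword leaves the cursor on the prompt line.
		fmt.Printf("\n")
	} else {
		fmt.Fprintf(os.Stderr, "Warning: Reading password from stdin.\n")
		scanner := bufio.NewScanner(os.Stdin)
		if !scanner.Scan() {
			// Scan returns false on both EOF and I/O errors; only the
			// latter sets Err. EOF falls through to the empty check below.
			if err := scanner.Err(); err != nil {
				return nil, err
			}
		}
		password = scanner.Bytes()
	}

	if len(password) == 0 {
		return nil, fmt.Errorf("zero length password")
	}
	return password, nil
}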