mirror of
https://github.com/ajnart/homarr.git
synced 2026-02-27 00:40:58 +01:00
5c99622fa8
* fix(deps): update dependency drizzle-zod to ^0.8.2 * chore: update zod to v4 import * fix: path is no longer available in transform context * fix: AnyZodObject does no longer exist * fix: auth env.ts using wrong createEnv and remove unused file env-validation.ts * fix: required_error no longer exists on z.string * fix: zod error map is deprecated and replaced with config * fix: default requires callback now * fix: migrate zod resolver for mantine * fix: remove unused form translation file * fix: wrong enum type * fix: record now requires two arguments * fix: add-confirm-password-refinement type issues * fix: add missing first record argument for entityStateSchema * fix: migrate superrefine to check * fix(deps): upgrade zod-form-data to v3 * fix: migrate superRefine to check for mediaUploadSchema * fix: authProvidersSchema default is array * fix: use stringbool instead of custom implementation * fix: record requires first argument * fix: migrate superRefine to check for certificate router * fix: confirm pasword refinement is overwriting types * fix: email optional not working * fix: migrate intersection to object converter * fix: safe parse return value rename * fix: easier access for min and max number value * fix: migrate superRefine to check for oldmarr import file * fix: inference of enum shape for old-import board-size wrong * fix: errors renamed to issues * chore: address pull request feedback * fix: zod form requires object * fix: inference for use-zod-form not working * fix: remove unnecessary convertion * fix(deps): upgrade trpc-to-openapi to v3 * fix: build error * fix: migrate missing zod imports to v4 * fix: migrate zod records to v4 * fix: missing core package dependency in api module * fix: unable to convert custom zod schema to openapi schema * fix(deps): upgrade zod to v4 * chore(renovate): enable zod dependency updates * test: add simple unit test for convertIntersectionToZodObject --------- Co-authored-by: homarr-renovate[bot] <158783068+homarr-renovate[bot]@users.noreply.github.com>
97 lines
3.1 KiB
TypeScript
97 lines
3.1 KiB
TypeScript
import { command, string } from "@drizzle-team/brocli";
|
|
|
|
import { createSaltAsync, hashPasswordAsync } from "@homarr/auth";
|
|
import { createId } from "@homarr/common";
|
|
import { generateSecureRandomToken } from "@homarr/common/server";
|
|
import { and, count, db, eq } from "@homarr/db";
|
|
import { getMaxGroupPositionAsync } from "@homarr/db/queries";
|
|
import { groupMembers, groupPermissions, groups, users } from "@homarr/db/schema";
|
|
import { usernameSchema } from "@homarr/validation/user";
|
|
|
|
export const recreateAdmin = command({
|
|
name: "recreate-admin",
|
|
desc: "Recreate credentials admin user if none exists anymore",
|
|
options: {
|
|
username: string("username").required().alias("u").desc("Name of the admin"),
|
|
},
|
|
// eslint-disable-next-line no-restricted-syntax
|
|
handler: async (options) => {
|
|
if (!process.env.AUTH_PROVIDERS?.toLowerCase().includes("credentials")) {
|
|
console.error("Credentials provider is not enabled");
|
|
return;
|
|
}
|
|
|
|
const result = await usernameSchema.safeParseAsync(options.username);
|
|
|
|
if (!result.success) {
|
|
console.error("Invalid username:");
|
|
console.error(result.error.issues.map((error) => `- ${error.message}`).join("\n"));
|
|
return;
|
|
}
|
|
|
|
const totalCount = await db
|
|
.select({
|
|
count: count(),
|
|
})
|
|
.from(groupPermissions)
|
|
.leftJoin(groupMembers, eq(groupMembers.groupId, groupPermissions.groupId))
|
|
.leftJoin(users, eq(users.id, groupMembers.userId))
|
|
.where(and(eq(groupPermissions.permission, "admin"), eq(users.provider, "credentials")))
|
|
.then((rows) => rows.at(0)?.count ?? 0);
|
|
|
|
if (totalCount > 0) {
|
|
console.error("Credentials admin user exists");
|
|
return;
|
|
}
|
|
|
|
const existingUser = await db.query.users.findFirst({
|
|
where: eq(users.name, result.data),
|
|
});
|
|
|
|
if (existingUser) {
|
|
console.error("User with this name already exists");
|
|
return;
|
|
}
|
|
|
|
const temporaryGroupId = createId();
|
|
|
|
const maxPosition = await getMaxGroupPositionAsync(db);
|
|
await db.insert(groups).values({
|
|
id: temporaryGroupId,
|
|
name: temporaryGroupId,
|
|
position: maxPosition + 1,
|
|
});
|
|
|
|
await db.insert(groupPermissions).values({
|
|
groupId: temporaryGroupId,
|
|
permission: "admin",
|
|
});
|
|
|
|
const salt = await createSaltAsync();
|
|
const password = generateSecureRandomToken(24);
|
|
const hashedPassword = await hashPasswordAsync(password, salt);
|
|
|
|
const userId = createId();
|
|
await db.insert(users).values({
|
|
id: userId,
|
|
name: result.data,
|
|
provider: "credentials",
|
|
password: hashedPassword,
|
|
salt,
|
|
});
|
|
|
|
await db.insert(groupMembers).values({
|
|
groupId: temporaryGroupId,
|
|
userId,
|
|
});
|
|
|
|
console.log(
|
|
"We created a new admin user for you. Please keep in mind, that the admin group of it has a temporary name. You should change it to something more meaningful.",
|
|
);
|
|
console.log(`\tUsername: ${result.data}`);
|
|
console.log(`\tPassword: ${password}`);
|
|
console.log(`\tGroup: ${temporaryGroupId}`);
|
|
console.log(""); // Empty line for better readability
|
|
},
|
|
});
|