From 70a06af35c2da8b8703777d0aed033cd39385a62 Mon Sep 17 00:00:00 2001 From: Dave Menninger Date: Sun, 16 Nov 2014 21:34:42 -0500 Subject: [PATCH] get admin username and password from ENV instead --- Readme.markdown | 4 ++-- ...ult_admin_user.pl => create_admin_user.pl} | 24 +++++++++++-------- 2 files changed, 16 insertions(+), 12 deletions(-) rename script/{create_default_admin_user.pl => create_admin_user.pl} (54%) diff --git a/Readme.markdown b/Readme.markdown index c835191..a739787 100644 --- a/Readme.markdown +++ b/Readme.markdown @@ -22,7 +22,7 @@ This is a test app for trying new things in Mojolicious. * ~~prevent register dupe username~~ * ~~prevent bots with captcha or something ( how to automate tests then? )~~ * ~~script to create default admin user~~ -* get default admin user/pass from ENV instead of hardcoded +* ~~get default admin user/pass from ENV instead of hardcoded~~ * ~~make authentication more secure ( bcrypt )~~ * ~~more tests for authentication, registration~~ * ~~add authorization ( logged in user can see some things, but not others )~~ @@ -30,7 +30,7 @@ This is a test app for trying new things in Mojolicious. * catch-all route, switch routes to use over() conditions * ~~user can create document objects into mongo~~ * roles: ~~admin~~, ~~guest~~, author, reader? -* scripts: setup new db, +* scripts: setup new db, * more templates/routes: ~~home~~, ~~user~~, user/:username, "posts" ... * bootstrap, bower * Dockerfile; add mongodb setup? fixtures? diff --git a/script/create_default_admin_user.pl b/script/create_admin_user.pl similarity index 54% rename from script/create_default_admin_user.pl rename to script/create_admin_user.pl index 6e3163d..1f64cb1 100755 --- a/script/create_default_admin_user.pl +++ b/script/create_admin_user.pl @@ -22,19 +22,23 @@ sub _salt { my $mongo_uri = $ENV{'MONGOLAB_URI'}; my $mango = Mango->new($mongo_uri); -# change this to get from ENV instead? -my $username = "hermes"; -my $password = "conrad"; - -# insert admin user -my $doc = $mango->db->collection('users')->find_one( { username => $username } ); -if ( $doc ) { - print $username . " already exists!\n"; +if( defined $ENV{LRRR_ADMIN_USERNAME} && defined $ENV{LRRR_ADMIN_PASSWORD} ){ + my $username = $ENV{LRRR_ADMIN_USERNAME}; + my $password = $ENV{LRRR_ADMIN_PASSWORD}; + + # insert admin user + my $doc = $mango->db->collection('users')->find_one( { username => $username } ); + if ( $doc ) { + print $username . " already exists!\n"; + } else { + my $oid = $mango->db->collection('users')->insert( { username => $username, password => bcrypt($password,$settings), role => 'admin' } ); + print "inserted ".$username." with oid: " . $oid . "\n"; + } } else { - my $oid = $mango->db->collection('users')->insert( { username => $username, password => bcrypt($password,$settings), role => 'admin' } ); - print "inserted ".$username." with oid: " . $oid . "\n"; + print "the ENV variables LRRR_ADMIN_USERNAME and LRRR_ADMIN_PASSWORD need to be set for this command to create a new admin user.\n"; } + # list existing admin users my $c = $mango->db->collection('users')->find( { role => 'admin' } ); print "existing admins:\n";