added checks
This commit is contained in:
parent
f27c232090
commit
c56a146def
5 changed files with 39 additions and 9 deletions
|
|
@ -1,19 +1,41 @@
|
|||
const bcrypt = require('bcryptjs');
|
||||
const fs = require('fs');
|
||||
const path = require('path');
|
||||
|
||||
// Get the password from the command-line arguments
|
||||
const password = process.argv[2];
|
||||
|
||||
if (!password) {
|
||||
console.log('Please provide a password as a command-line argument.');
|
||||
process.exit(1); // Exit the program if no password is provided
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
const saltRounds = 10;
|
||||
|
||||
// Generate bcrypt hash asynchronously
|
||||
const configFilePath = path.join(__dirname, '../panel.config.ts');
|
||||
|
||||
bcrypt.hash(password, saltRounds)
|
||||
.then(hash => {
|
||||
console.log('Generated bcrypt hash:', hash);
|
||||
|
||||
fs.readFile(configFilePath, 'utf8', (err, data) => {
|
||||
if (err) {
|
||||
console.error('Error reading the config file:', err);
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
const passwordHashRegex = /password_hash:\s*"[^"]*"/;
|
||||
|
||||
const updatedData = data.replace(passwordHashRegex, `password_hash: "${hash}"`) || data.replace(/(password_hash:\s*".*")/, `password_hash: "${hash}"`);
|
||||
|
||||
fs.writeFile(configFilePath, updatedData, 'utf8', (err) => {
|
||||
if (err) {
|
||||
console.error('Error writing the config file:', err);
|
||||
process.exit(1);
|
||||
}
|
||||
|
||||
console.log('Updated the password hash in panel.config.ts');
|
||||
});
|
||||
});
|
||||
})
|
||||
.catch(err => {
|
||||
console.error('Error generating hash:', err);
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
"generate": "nuxt generate",
|
||||
"preview": "nuxt preview",
|
||||
"postinstall": "nuxt prepare",
|
||||
"password_generator": "node .password_hash_gen/generator.js"
|
||||
"password_gen": "node .password_hash_gen/generator.js"
|
||||
},
|
||||
"dependencies": {
|
||||
"nuxt": "^3.15.4",
|
||||
|
|
|
|||
|
|
@ -24,7 +24,5 @@ export const settings = reactive({
|
|||
"libvirt",
|
||||
"frp"
|
||||
],
|
||||
password:{
|
||||
hash: "$2y$10$04HVBBemPypGbaMhTmUxX.DUMir1HA4hT6cst.dGabot1ZWR5IQ.6",
|
||||
},
|
||||
password_hash: ""
|
||||
});
|
||||
|
|
@ -14,7 +14,7 @@ export default defineEventHandler(async (event) => {
|
|||
return sendError(event, createError({ statusCode: 400, message: 'password is required' }));
|
||||
}
|
||||
|
||||
const isMatch = await bcrypt.compare(password, settings.password.hash);
|
||||
const isMatch = await bcrypt.compare(password, settings.password_hash);
|
||||
if (!isMatch) {
|
||||
Logger.error("Invalid credentials! password");
|
||||
return sendError(event, createError({ statusCode: 400, message: 'Invalid credentials!' }));
|
||||
|
|
|
|||
|
|
@ -3,12 +3,22 @@ import { reactive } from "vue";
|
|||
import * as crypto from 'crypto';
|
||||
import {jwt_globals} from "~/core/globals";
|
||||
import Logger from "~/core/logger";
|
||||
import {settings} from "~/panel.config";
|
||||
|
||||
export default defineNitroPlugin((nitroApp) => {
|
||||
Logger.info("Running init...");
|
||||
if(settings.password_hash == ""){
|
||||
throw new Error("The password hash is missing. Please use \"npm run password_gen <password>\" to set the password and then \"npm run build\" rebuild the server files");
|
||||
}
|
||||
if(!isValidBcryptHash(settings.password_hash)){
|
||||
throw new Error("The password hash is invalid. Please use \"npm run password_gen <password>\" to set the password and then \"npm run build\" rebuild the server files");
|
||||
}
|
||||
Logger.info("Generating jwt secret...")
|
||||
jwt_globals.secret = crypto.randomBytes(32).toString('base64');
|
||||
Logger.success("secret: " + jwt_globals.secret)
|
||||
});
|
||||
|
||||
|
||||
function isValidBcryptHash(hash: string): boolean {
|
||||
const bcryptPattern = /^\$2[aby]\$.{56}$/;
|
||||
return bcryptPattern.test(hash);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue