Refine NTFY_PASSWORD logic

This commit is contained in:
Philipp Heckel 2022-06-20 16:03:39 -04:00
parent 5b68915fff
commit a7d8e69dfd
2 changed files with 35 additions and 17 deletions

View file

@ -6,6 +6,7 @@ import (
"crypto/subtle" "crypto/subtle"
"errors" "errors"
"fmt" "fmt"
"os"
"strings" "strings"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
@ -37,11 +38,10 @@ var cmdUser = &cli.Command{
Name: "add", Name: "add",
Aliases: []string{"a"}, Aliases: []string{"a"},
Usage: "Adds a new user", Usage: "Adds a new user",
UsageText: "ntfy user add [--role=admin|user] USERNAME", UsageText: "ntfy user add [--role=admin|user] USERNAME\nNTFY_PASSWORD=... ntfy user add [--role=admin|user] USERNAME",
Action: execUserAdd, Action: execUserAdd,
Flags: []cli.Flag{ Flags: []cli.Flag{
&cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"}, &cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"},
&cli.StringFlag{Name: "password", Aliases: []string{"p"}, EnvVars: []string{"NTFY_PASSWORD"}, Usage: "user password"},
}, },
Description: `Add a new user to the ntfy user database. Description: `Add a new user to the ntfy user database.
@ -50,8 +50,12 @@ granted otherwise by the auth-default-access setting). An admin user has read an
topics. topics.
Examples: Examples:
ntfy user add phil # Add regular user phil ntfy user add phil # Add regular user phil
ntfy user add --role=admin phil # Add admin user phil ntfy user add --role=admin phil # Add admin user phil
NTFY_PASSWORD=... ntfy user add phil # Add user, using env variable to set password (for scripts)
You may set the NTFY_PASSWORD environment variable to pass the password. This is useful if
you are creating users via scripts.
`, `,
}, },
{ {
@ -70,7 +74,7 @@ Example:
Name: "change-pass", Name: "change-pass",
Aliases: []string{"chp"}, Aliases: []string{"chp"},
Usage: "Changes a user's password", Usage: "Changes a user's password",
UsageText: "ntfy user change-pass USERNAME", UsageText: "ntfy user change-pass USERNAME\nNTFY_PASSWORD=... ntfy user change-pass USERNAME",
Action: execUserChangePass, Action: execUserChangePass,
Description: `Change the password for the given user. Description: `Change the password for the given user.
@ -78,7 +82,12 @@ The new password will be read from STDIN, and it'll be confirmed by typing
it twice. it twice.
Example: Example:
ntfy user change-pass phil ntfy user change-pass phil
NTFY_PASSWORD=.. ntfy user change-pass phil
You may set the NTFY_PASSWORD environment variable to pass the new password. This is
useful if you are updating users via scripts.
`, `,
}, },
{ {
@ -127,19 +136,24 @@ The command allows you to add/remove/change users in the ntfy user database, as
passwords or roles. passwords or roles.
Examples: Examples:
ntfy user list # Shows list of users (alias: 'ntfy access') ntfy user list # Shows list of users (alias: 'ntfy access')
ntfy user add phil # Add regular user phil ntfy user add phil # Add regular user phil
ntfy user add --role=admin phil # Add admin user phil NTFY_PASSWORD=... ntfy user add phil # As above, using env variable to set password (for scripts)
ntfy user del phil # Delete user phil ntfy user add --role=admin phil # Add admin user phil
ntfy user change-pass phil # Change password for user phil ntfy user del phil # Delete user phil
ntfy user change-role phil admin # Make user phil an admin ntfy user change-pass phil # Change password for user phil
NTFY_PASSWORD=.. ntfy user change-pass phil # As above, using env variable to set password (for scripts)
ntfy user change-role phil admin # Make user phil an admin
For the 'ntfy user add' and 'ntfy user change-pass' commands, you may set the NTFY_PASSWORD environment
variable to pass the new password. This is useful if you are creating/updating users via scripts.
`, `,
} }
func execUserAdd(c *cli.Context) error { func execUserAdd(c *cli.Context) error {
username := c.Args().Get(0) username := c.Args().Get(0)
role := auth.Role(c.String("role")) role := auth.Role(c.String("role"))
password := c.String("password") password := os.Getenv("NTFY_PASSWORD")
if username == "" { if username == "" {
return errors.New("username expected, type 'ntfy user add --help' for help") return errors.New("username expected, type 'ntfy user add --help' for help")
} else if username == userEveryone { } else if username == userEveryone {
@ -154,7 +168,6 @@ func execUserAdd(c *cli.Context) error {
if user, _ := manager.User(username); user != nil { if user, _ := manager.User(username); user != nil {
return fmt.Errorf("user %s already exists", username) return fmt.Errorf("user %s already exists", username)
} }
// If the password env var was not set, read it from stdin
if password == "" { if password == "" {
p, err := readPasswordAndConfirm(c) p, err := readPasswordAndConfirm(c)
if err != nil { if err != nil {
@ -193,6 +206,7 @@ func execUserDel(c *cli.Context) error {
func execUserChangePass(c *cli.Context) error { func execUserChangePass(c *cli.Context) error {
username := c.Args().Get(0) username := c.Args().Get(0)
password := os.Getenv("NTFY_PASSWORD")
if username == "" { if username == "" {
return errors.New("username expected, type 'ntfy user change-pass --help' for help") return errors.New("username expected, type 'ntfy user change-pass --help' for help")
} else if username == userEveryone { } else if username == userEveryone {
@ -205,9 +219,11 @@ func execUserChangePass(c *cli.Context) error {
if _, err := manager.User(username); err == auth.ErrNotFound { if _, err := manager.User(username); err == auth.ErrNotFound {
return fmt.Errorf("user %s does not exist", username) return fmt.Errorf("user %s does not exist", username)
} }
password, err := readPasswordAndConfirm(c) if password == "" {
if err != nil { password, err = readPasswordAndConfirm(c)
return err if err != nil {
return err
}
} }
if err := manager.ChangePassword(username, password); err != nil { if err := manager.ChangePassword(username, password); err != nil {
return err return err

View file

@ -9,6 +9,7 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release
**Features:** **Features:**
* Trace: Log entire HTTP request to simplify debugging (no ticket) * Trace: Log entire HTTP request to simplify debugging (no ticket)
* Allow setting user password via `NTFY_PASSWORD` env variable ([#327](https://github.com/binwiederhier/ntfy/pull/327), thanks to [@Kenix3](https://github.com/Kenix3))
**Bugs:** **Bugs:**
@ -16,6 +17,7 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release
* Disallow setting `upstream-base-url` to the same value as `base-url` ([#334](https://github.com/binwiederhier/ntfy/issues/334), thanks to [@oester](https://github.com/oester) for reporting) * Disallow setting `upstream-base-url` to the same value as `base-url` ([#334](https://github.com/binwiederhier/ntfy/issues/334), thanks to [@oester](https://github.com/oester) for reporting)
* Fix `since=<id>` implementation for multiple topics ([#336](https://github.com/binwiederhier/ntfy/issues/336), thanks to [@karmanyaahm](https://github.com/karmanyaahm) for reporting) * Fix `since=<id>` implementation for multiple topics ([#336](https://github.com/binwiederhier/ntfy/issues/336), thanks to [@karmanyaahm](https://github.com/karmanyaahm) for reporting)
## ntfy Android app v1.14.0 (UNRELEASED) ## ntfy Android app v1.14.0 (UNRELEASED)
**Features:** **Features:**