mirror of
https://github.com/iv-org/documentation.git
synced 2024-12-22 05:55:02 -05:00
Doc: scripts for manual registration + improve reset password (#459)
* T.: Document ways for resetting passwords just w standard shell utils * T.: Document manual user registration * T.: Improved string escapes in our scripts * T.: Don't change this file * T.: Add newline
This commit is contained in:
parent
bd5c262fb1
commit
d147ff55db
29
docs/register-user.md
Normal file
29
docs/register-user.md
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
# Registering users manually
|
||||||
|
|
||||||
|
You might want to disable registration in your [instance config](/configuration), but still have a quick way to manually register users upon request. To do so, first set up a separate instance that only listens on localhost, has registration enabled,
|
||||||
|
and captchas as well as background jobs disabled. Make sure you have a way to start it easily with just one or a few commands, e.g. via a systemd service. Then, use something like the script below (in the example, the instance is started via a systemd
|
||||||
|
service called `podman-invidious_register`, and it listens on localhost port 21742. **Warning**: This script is vulnerable to SQL injections. Only use trusted inputs; if you want to make a custom signup form and use this as a backend, be sure to
|
||||||
|
sanitize inputs.
|
||||||
|
```sh
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
systemctl start podman-invidious_register
|
||||||
|
|
||||||
|
CONTINUE='y'
|
||||||
|
while [ "$CONTINUE" = 'y' ]; do
|
||||||
|
read -rp 'User ID: ' ID
|
||||||
|
if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '\"'$ID'\"';\"" | tail -n 2 | head -n 1)" != '(0 rows)' ]; then
|
||||||
|
echo 'Error: User ID is already taken'
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
read -rsp 'Password: ' PASSWORD
|
||||||
|
|
||||||
|
curl -L 'http://localhost:21742/login' --form-string "email=$ID" --form-string "password=$PASSWORD" -F 'action=signin' >/dev/null
|
||||||
|
|
||||||
|
read -rp 'Register more accounts? [y/N] ' CONTINUE
|
||||||
|
done
|
||||||
|
|
||||||
|
systemctl stop podman-invidious_register
|
||||||
|
```
|
@ -4,10 +4,11 @@ Resetting a user's invidious password needs you to edit the database.
|
|||||||
|
|
||||||
Firstly, generate a bcrypt-encrypted hash for the new password you want to set for the user.
|
Firstly, generate a bcrypt-encrypted hash for the new password you want to set for the user.
|
||||||
|
|
||||||
This can be done with the `bcrypt` python module, though there are other ways of doing the same.
|
This can, for example, be done with the `bcrypt` python module or the `mkpasswd` shell utility (the latter should be preinstalled on most systems):
|
||||||
|
|
||||||
```
|
```
|
||||||
python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))'
|
python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))' # python
|
||||||
|
mkpasswd --method=bcrypt-a -R 10 # mkpasswd
|
||||||
```
|
```
|
||||||
|
|
||||||
To do so, first attach to the database:
|
To do so, first attach to the database:
|
||||||
@ -23,3 +24,19 @@ UPDATE users SET password = 'HASH' WHERE email = 'USERNAME';
|
|||||||
```
|
```
|
||||||
|
|
||||||
After that, the password should be reset.
|
After that, the password should be reset.
|
||||||
|
|
||||||
|
This script bundles all needed commands so you don't have to enter everything manually every time, and also checks that the username exists before writing to the database:
|
||||||
|
```sh
|
||||||
|
#!/bin/sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
printf 'User ID: '
|
||||||
|
read -r ID
|
||||||
|
if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '$ID';\"" | tail -n 2 | head -n 1)" != '(1 row)' ]; then
|
||||||
|
echo 'Error: User ID does not exist'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
HASH="$(mkpasswd --method=bcrypt-a -R 10)"
|
||||||
|
su postgres -c "psql invidious -c \"UPDATE users SET password = '\"'$HASH'\"' WHERE email = '\"'$ID'\"';\""
|
||||||
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user