mirror of
https://github.com/iv-org/documentation.git
synced 2024-10-01 01:35:51 -04:00
Doc: scripts for manual registration + improve reset password (#459)
* T.: Document ways for resetting passwords just w standard shell utils * T.: Document manual user registration * T.: Improved string escapes in our scripts * T.: Don't change this file * T.: Add newline
This commit is contained in:
parent
bd5c262fb1
commit
d147ff55db
29
docs/register-user.md
Normal file
29
docs/register-user.md
Normal file
@ -0,0 +1,29 @@
|
||||
# Registering users manually
|
||||
|
||||
You might want to disable registration in your [instance config](/configuration), but still have a quick way to manually register users upon request. To do so, first set up a separate instance that only listens on localhost, has registration enabled,
|
||||
and captchas as well as background jobs disabled. Make sure you have a way to start it easily with just one or a few commands, e.g. via a systemd service. Then, use something like the script below (in the example, the instance is started via a systemd
|
||||
service called `podman-invidious_register`, and it listens on localhost port 21742. **Warning**: This script is vulnerable to SQL injections. Only use trusted inputs; if you want to make a custom signup form and use this as a backend, be sure to
|
||||
sanitize inputs.
|
||||
```sh
|
||||
#!/usr/bin/env bash
|
||||
set -e
|
||||
|
||||
systemctl start podman-invidious_register
|
||||
|
||||
CONTINUE='y'
|
||||
while [ "$CONTINUE" = 'y' ]; do
|
||||
read -rp 'User ID: ' ID
|
||||
if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '\"'$ID'\"';\"" | tail -n 2 | head -n 1)" != '(0 rows)' ]; then
|
||||
echo 'Error: User ID is already taken'
|
||||
continue
|
||||
fi
|
||||
|
||||
read -rsp 'Password: ' PASSWORD
|
||||
|
||||
curl -L 'http://localhost:21742/login' --form-string "email=$ID" --form-string "password=$PASSWORD" -F 'action=signin' >/dev/null
|
||||
|
||||
read -rp 'Register more accounts? [y/N] ' CONTINUE
|
||||
done
|
||||
|
||||
systemctl stop podman-invidious_register
|
||||
```
|
@ -4,10 +4,11 @@ Resetting a user's invidious password needs you to edit the database.
|
||||
|
||||
Firstly, generate a bcrypt-encrypted hash for the new password you want to set for the user.
|
||||
|
||||
This can be done with the `bcrypt` python module, though there are other ways of doing the same.
|
||||
This can, for example, be done with the `bcrypt` python module or the `mkpasswd` shell utility (the latter should be preinstalled on most systems):
|
||||
|
||||
```
|
||||
python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))'
|
||||
python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))' # python
|
||||
mkpasswd --method=bcrypt-a -R 10 # mkpasswd
|
||||
```
|
||||
|
||||
To do so, first attach to the database:
|
||||
@ -23,3 +24,19 @@ UPDATE users SET password = 'HASH' WHERE email = 'USERNAME';
|
||||
```
|
||||
|
||||
After that, the password should be reset.
|
||||
|
||||
This script bundles all needed commands so you don't have to enter everything manually every time, and also checks that the username exists before writing to the database:
|
||||
```sh
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
printf 'User ID: '
|
||||
read -r ID
|
||||
if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '$ID';\"" | tail -n 2 | head -n 1)" != '(1 row)' ]; then
|
||||
echo 'Error: User ID does not exist'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
HASH="$(mkpasswd --method=bcrypt-a -R 10)"
|
||||
su postgres -c "psql invidious -c \"UPDATE users SET password = '\"'$HASH'\"' WHERE email = '\"'$ID'\"';\""
|
||||
```
|
||||
|
Loading…
Reference in New Issue
Block a user