Skip to content

Commit

Permalink
Adding a way to reset the admin password via CLI without any user int…
Browse files Browse the repository at this point in the history
…eraction (#3912)

* feat(cli): Allow unattended password reset via CLI

This commit adds a way to reset the admin password via CLI without any
user interaction (unattended operation).

It adds an optional `new_password` CLI argument that, when present is
used instead of prompting the user for password and password
confirmation.

It also makes sure the user is informed the password could leak into
it's shell history (it's up to him to do some cleaning if
needed/wanted).

* Change to dash style

* Add dry-run

* Fix number password issue

---------

Co-authored-by: Louis Lam <louislam@users.noreply.github.com>
  • Loading branch information
C-Duv and louislam authored Dec 4, 2023
1 parent 81b84a3 commit 478403e
Showing 1 changed file with 21 additions and 6 deletions.
27 changes: 21 additions & 6 deletions extra/reset-password.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,10 @@ const rl = readline.createInterface({
});

const main = async () => {
if ("dry-run" in args) {
console.log("Dry run mode, no changes will be made.");
}

console.log("Connecting the database");
Database.initDataDir(args);
await Database.connect(false, false, true);
Expand All @@ -27,15 +31,26 @@ const main = async () => {
console.log("Found user: " + user.username);

while (true) {
let password = await question("New Password: ");
let confirmPassword = await question("Confirm New Password: ");
let password;
let confirmPassword;

if (password === confirmPassword) {
await User.resetPassword(user.id, password);
// When called with "--new-password" argument for unattended modification (e.g. npm run reset-password -- --new_password=secret)
if ("new-password" in args) {
console.log("Using password from argument");
console.warn("\x1b[31m%s\x1b[0m", "Warning: the password might be stored, in plain text, in your shell's history");
password = confirmPassword = args["new-password"] + "";
} else {
password = await question("New Password: ");
confirmPassword = await question("Confirm New Password: ");
}

// Reset all sessions by reset jwt secret
await initJWTSecret();
if (password === confirmPassword) {
if (!("dry-run" in args)) {
await User.resetPassword(user.id, password);

// Reset all sessions by reset jwt secret
await initJWTSecret();
}
break;
} else {
console.log("Passwords do not match, please try again.");
Expand Down

0 comments on commit 478403e

Please sign in to comment.