From 5e82f060324e196eb06365177388270d0e4c61ed Mon Sep 17 00:00:00 2001 From: b1ek Date: Thu, 23 Feb 2023 16:51:19 +1000 Subject: [PATCH] add accounts --- models/user.js | 5 ++ scripts/create_admin_account.js | 117 ++++++++++++++++++++++++++++++++ scripts/package.json | 4 +- 3 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 scripts/create_admin_account.js diff --git a/models/user.js b/models/user.js index 2e7d58e..d2c2a24 100644 --- a/models/user.js +++ b/models/user.js @@ -34,6 +34,11 @@ const structure = { gpgkey: { type: DataTypes.TEXT, allowNull: false + }, + accessLevel: { + type: DataTypes.SMALLINT, + allowNull: false, + defaultValue: 0 } } User.structure = structure diff --git a/scripts/create_admin_account.js b/scripts/create_admin_account.js new file mode 100644 index 0000000..d780fba --- /dev/null +++ b/scripts/create_admin_account.js @@ -0,0 +1,117 @@ +process.env.DEBUG = undefined; + +const db = require('../models'); +const args = require('args-parser')(process.argv); +const { authenticator } = require('otplib'); +const path = require('path'); +const crypto = require('crypto'); +const qrcode = require('qrcode-terminal'); +const prompt = require('prompt-sync')({ sigint: true, eot: true }); +const bcrypt = require('bcrypt') + +if (args['help']) { + console.log(path.basename(__filename) + ' [--pass] [--login] [--email] [--gpgkey] [--dry-run] [--no-interactive|-n] [--totp] [--set-totp] [--set-totp-recovery]'); + console.log( + ' --pass: Set password.\n' + + ' --login: Set login.\n' + + ' --email: Set email.\n' + + ' --gpgkey: Set path to your GPG key.\n' + + ' --dry-run: Don\'t do anything, but simulate like something is done.\n' + + ' --no-interactive -n: Disable prompts. Designed for script usage.\n' + + ' --totp: Add TOTP to the account. QR code and recovery codes would be printed to terminal.\n' + + ' --set-totp: Set TOTP key. Designed for script usage.\n' + + ' --set-totp-recovery: Set TOTP recovery keys (comma separated).' + ) + process.exit(0); +} + +function exit_error(error, exitCode) { + if (!exitCode) exitCode = -1; + console.error(error); + process.exit(exitCode); +} + +let interactive = true; +if (args['no-interactive']) interactive = false; + +// get data +let password, login, email, gpgkey; +let totpkey, totprecover, totpurl; +if (args['pass']) { + password = args['pass']; +} else if (interactive) { + // node does not provide a way to + // get a password with hidden stdin + password = prompt('Password: '); + console.clear(); +} else exit_error('No password supplied.'); + +if (args['login']) { + login = args['login']; +} else if (interactive) { + login = prompt('Login: '); +} else exit_error('No login supplied.'); + +if (args['email']) { + email = args['email']; +} else if (interactive) { + email = prompt('Email: '); +} else exit_error('No email supplied.'); + +if (args['gpgkey']) { + gpgkey = require('fs').readFileSync(args['gpgkey'], {encoding: 'utf-8'}).toString(); +} else if (interactive) { + gpgkey = prompt('Paste your GPG key:\n'); +} else exit_error('No GPG key supplied.') + +if (args['totp']) { + totpkey = authenticator.generateSecret(32); + totprecover = []; + for (let i = 0; i != 6; i++) { + totprecover[i] = crypto.randomInt(11111111, 99999999); + } + + totpkey = args['set-totp'] ? args['set-totp'] : totpkey; + totprecover = args['set-totp-recovery'] ? args['set-totp-recovery'].split(',') : totprecover; + + totpurl = `otpauth://totp/blek/${login}@blek.codes?secret=${totpkey}&issuer=blek`; + qrcode.generate(totpurl); + console.log('Totp URL: ' + totpurl); + console.log('Recovery keys:'); + for (let i = 0; i <= totprecover.length - 2; i+= 2) { + console.log(' ' + totprecover[i] + ', ' + totprecover[i+1]); + } +} +password = '' + password; + +// insert data +if (args['dry-run']) { + console.log('All done'); + process.exit(0); +} + +const salt = bcrypt.genSaltSync(12); +const pass = bcrypt.hashSync(password, salt); + + +async function create() { + const data = await db.User.findAndCountAll({where: {login}}); + if (data.count !== 0) { + console.error('User with this login already exists.'); + process.exit(0); + } + + const user = await db.User.create({ + login, + email, + pass, + accessLevel: 4, + gpgkey, + totp: totpkey, + totpRec: totprecover ? totprecover.join(',') : undefined + }); + console.log('All done'); + process.exit(0); +} + +create(); \ No newline at end of file diff --git a/scripts/package.json b/scripts/package.json index c43407b..63dfbb8 100644 --- a/scripts/package.json +++ b/scripts/package.json @@ -9,6 +9,8 @@ "author": "", "license": "ISC", "dependencies": { - "args-parser": "^1.3.0" + "args-parser": "^1.3.0", + "prompt-sync": "^4.2.0", + "qrcode-terminal": "^0.12.0" } }