Merge pull request #3 from 4censord/save-adminkey-redis

Change to saving the admin promote password in redis
This commit is contained in:
Mia Winter 2024-02-18 09:41:55 +01:00 committed by GitHub
commit 2ccfe15199
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 23 additions and 9 deletions

View file

@ -5,6 +5,8 @@
@using Wave.Components.Account.Shared
@using Wave.Data
@using Microsoft.AspNetCore.Authorization
@using Microsoft.Extensions.Caching.Distributed;
@using System.Text;
@attribute [Authorize]
@inject IdentityUserAccessor UserAccessor
@ -13,6 +15,7 @@
@inject SignInManager<ApplicationUser> SignInManager
@inject IdentityRedirectManager RedirectManager
@inject IStringLocalizer<Admin> Localizer
@inject IDistributedCache WaveDistributedCache
<PageTitle>@(TitlePrefix + Localizer["Title"])</PageTitle>
@ -52,8 +55,8 @@
protected override async Task OnInitializedAsync() {
User = await UserAccessor.GetRequiredUserAsync(HttpContext);
string path = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "admin.txt");
if (File.Exists(path)) Password = await File.ReadAllTextAsync(path);
Password = await WaveDistributedCache.GetStringAsync("admin_promote_key")
?? "";
}
private async Task Promote() {
@ -76,7 +79,7 @@
}
}
await UserManager.AddToRoleAsync(User, "Admin");
File.Delete(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "admin.txt"));
await WaveDistributedCache.RemoveAsync("admin_promote_key");
await SignInManager.RefreshSignInAsync(User);
Message = "You have been promoted, this tool is now disabled.";
}

View file

@ -7,8 +7,10 @@
using Microsoft.AspNetCore.Identity.UI.Services;
using Microsoft.AspNetCore.StaticFiles;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Extensions.Options;
using StackExchange.Redis;
using System.Text;
using Tomlyn.Extensions.Configuration;
using Wave.Components;
using Wave.Components.Account;
@ -190,10 +192,19 @@
var userManager = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();
if (userManager.GetUsersInRoleAsync("Admin").Result.Any() is false) {
string admin = Guid.NewGuid().ToString("N")[..16];
IDistributedCache cache = app.Services.GetRequiredService<IDistributedCache>();
// Check first wheter the password exists already
string admin = await cache.GetStringAsync("admin_promote_key");
// If it does not exist, create a new one and save it to redis
if (string.IsNullOrWhiteSpace(admin)){
admin = Guid.NewGuid().ToString("N")[..16];
await cache.SetAsync("admin_promote_key", Encoding.UTF8.GetBytes(admin), new DistributedCacheEntryOptions{});
}
app.Logger.LogWarning("There is currently no user in your installation with the admin role, " +
"go to /Admin and use the following password to self promote your account: {admin}", admin);
File.WriteAllText(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "admin.txt"), admin);
}
}