soju/cmd/sojuctl/main.go
Simon Ser 998546cdc3
Introduce User.Created
For Network and Channel, the database only needed to define one Store
operation to create/update a record. However since User is missing an ID
we couldn't have a single StoreUser function like other types. We had
CreateUser and UpdatePassword. As new User fields get added (e.g. the
upcoming Admin flag) this isn't sustainable.

We could have CreateUser and UpdateUser, but this wouldn't be consistent
with other types. Instead, introduce User.Created which indicates
whether the record is already stored in the DB. This can be used in a
new StoreUser function to decide whether we need to UPDATE or INSERT
without relying on SQL constraints and INSERT OR UPDATE.

The ListUsers and GetUser functions set User.Created to true.
2020-06-08 11:59:03 +02:00

133 lines
2.6 KiB
Go

package main
import (
"bufio"
"flag"
"fmt"
"log"
"os"
"git.sr.ht/~emersion/soju"
"git.sr.ht/~emersion/soju/config"
"golang.org/x/crypto/bcrypt"
"golang.org/x/crypto/ssh/terminal"
)
const usage = `usage: sojuctl [-config path] <action> [options...]
create-user <username> Create a new user
change-password <username> Change password for a user
help Show this help message
`
func init() {
flag.Usage = func() {
fmt.Fprintf(flag.CommandLine.Output(), usage)
}
}
func main() {
var configPath string
flag.StringVar(&configPath, "config", "", "path to configuration file")
flag.Parse()
var cfg *config.Server
if configPath != "" {
var err error
cfg, err = config.Load(configPath)
if err != nil {
log.Fatalf("failed to load config file: %v", err)
}
} else {
cfg = config.Defaults()
}
db, err := soju.OpenSQLDB(cfg.SQLDriver, cfg.SQLSource)
if err != nil {
log.Fatalf("failed to open database: %v", err)
}
switch cmd := flag.Arg(0); cmd {
case "create-user":
username := flag.Arg(1)
if username == "" {
flag.Usage()
os.Exit(1)
}
password, err := readPassword()
if err != nil {
log.Fatalf("failed to read password: %v", err)
}
hashed, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost)
if err != nil {
log.Fatalf("failed to hash password: %v", err)
}
user := soju.User{
Username: username,
Password: string(hashed),
}
if err := db.StoreUser(&user); err != nil {
log.Fatalf("failed to create user: %v", err)
}
case "change-password":
username := flag.Arg(1)
if username == "" {
flag.Usage()
os.Exit(1)
}
password, err := readPassword()
if err != nil {
log.Fatalf("failed to read password: %v", err)
}
hashed, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost)
if err != nil {
log.Fatalf("failed to hash password: %v", err)
}
user := soju.User{
Created: true,
Username: username,
Password: string(hashed),
}
if err := db.StoreUser(&user); err != nil {
log.Fatalf("failed to update password: %v", err)
}
default:
flag.Usage()
if cmd != "help" {
os.Exit(1)
}
}
}
func readPassword() ([]byte, error) {
var password []byte
var err error
fd := int(os.Stdin.Fd())
if terminal.IsTerminal(fd) {
fmt.Printf("Password: ")
password, err = terminal.ReadPassword(int(os.Stdin.Fd()))
if err != nil {
return nil, err
}
fmt.Printf("\n")
} else {
fmt.Fprintf(os.Stderr, "Warning: Reading password from stdin.\n")
scanner := bufio.NewScanner(os.Stdin)
scanner.Scan()
password = scanner.Bytes()
if len(password) == 0 {
return nil, fmt.Errorf("zero length password")
}
}
return password, nil
}