nikdoof/pocket-id
1
0
Fork 0
mirror of https://github.com/nikdoof/pocket-id.git synced 2025-12-14 07:12:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: create-one-time-access-token.sh script not compatible with postgres

Browse Source
This commit is contained in:
Elias Schneider
2024-12-12 23:03:07 +01:00
parent 232c13b5ca
commit 34e35193f9
1 changed files with 46 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
scripts/create-one-time-access-token.sh
View File

@@ -1,5 +1,6 @@
# Default database path
DB_PATH="./backend/data/pocket-id.db" DB_PATH="./backend/data/pocket-id.db"
DB_PROVIDER="${DB_PROVIDER:=sqlite}"
USER_IDENTIFIER="$1"
# Parse command-line arguments for the -d flag (database path) # Parse command-line arguments for the -d flag (database path)
while getopts ":d:" opt; do while getopts ":d:" opt; do
@@ -19,12 +20,12 @@ shift $((OPTIND - 1))
# Ensure username or email is provided as a parameter # Ensure username or email is provided as a parameter
if [ -z "$1" ]; then if [ -z "$1" ]; then
echo "Usage: $0 [-d <database_path>] <username or email>" echo "Usage: $0 [-d <database_path>] <username or email>"
echo " -d Specify the database path (optional, defaults to ./backend/data/pocket-id.db)" if [ "$DB_PROVIDER" == "sqlite" ]; then
echo "-d <database_path> (optional): Path to the SQLite database file. Default: $DB_PATH"
fi
exit 1 exit 1
fi fi
USER_IDENTIFIER="$1"
# Check and try to install the required commands # Check and try to install the required commands
check_and_install() { check_and_install() {
local cmd=$1 local cmd=$1
@@ -41,8 +42,12 @@ check_and_install() {
fi fi
} }
check_and_install sqlite3 sqlite
check_and_install uuidgen uuidgen check_and_install uuidgen uuidgen
if [ "$DB_PROVIDER" == "postgres" ]; then
check_and_install psql postgresql-client
elif [ "$DB_PROVIDER" == "sqlite" ]; then
check_and_install sqlite3 sqlite
fi
# Generate a 16-character alphanumeric secret token # Generate a 16-character alphanumeric secret token
SECRET_TOKEN=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16) SECRET_TOKEN=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16)
@@ -51,21 +56,47 @@ SECRET_TOKEN=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16)
CREATED_AT=$(date +%s) CREATED_AT=$(date +%s)
EXPIRES_AT=$((CREATED_AT + 3600)) EXPIRES_AT=$((CREATED_AT + 3600))
# Retrieve user_id from the users table based on username or email # Retrieve user_id based on username or email and insert token
USER_ID=$(sqlite3 "$DB_PATH" "SELECT id FROM users WHERE username='$USER_IDENTIFIER' OR email='$USER_IDENTIFIER';") if [ "$DB_PROVIDER" == "postgres" ]; then
if [ -z "$POSTGRES_CONNECTION_STRING" ]; then
echo "Error: POSTGRES_CONNECTION_STRING must be set when using PostgreSQL."
exit 1
fi
# Check if user exists # Retrieve user_id
if [ -z "$USER_ID" ]; then USER_ID=$(psql "$POSTGRES_CONNECTION_STRING" -Atc "SELECT id FROM users WHERE username='$USER_IDENTIFIER' OR email='$USER_IDENTIFIER';")
echo "User not found for username/email: $USER_IDENTIFIER"
exit 1
fi
# Insert the one-time token into the one_time_access_tokens table if [ -z "$USER_ID" ]; then
sqlite3 "$DB_PATH" <<EOF echo "User not found for username/email: $USER_IDENTIFIER"
exit 1
fi
# Insert the one-time token
psql "$POSTGRES_CONNECTION_STRING" <<EOF
INSERT INTO one_time_access_tokens (id, created_at, token, expires_at, user_id)
VALUES ('$(uuidgen)', to_timestamp('$CREATED_AT'), '$SECRET_TOKEN', to_timestamp('$EXPIRES_AT'), '$USER_ID');
EOF
elif [ "$DB_PROVIDER" == "sqlite" ]; then
# Retrieve user_id
USER_ID=$(sqlite3 "$DB_PATH" "SELECT id FROM users WHERE username='$USER_IDENTIFIER' OR email='$USER_IDENTIFIER';")
if [ -z "$USER_ID" ]; then
echo "User not found for username/email: $USER_IDENTIFIER"
exit 1
fi
# Insert the one-time token
sqlite3 "$DB_PATH" <<EOF
INSERT INTO one_time_access_tokens (id, created_at, token, expires_at, user_id) INSERT INTO one_time_access_tokens (id, created_at, token, expires_at, user_id)
VALUES ('$(uuidgen)', '$CREATED_AT', '$SECRET_TOKEN', '$EXPIRES_AT', '$USER_ID'); VALUES ('$(uuidgen)', '$CREATED_AT', '$SECRET_TOKEN', '$EXPIRES_AT', '$USER_ID');
EOF EOF
else
echo "Error: Invalid DB_PROVIDER. Must be 'postgres' or 'sqlite'."
exit 1
fi
echo "================================================="
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
echo "A one-time access token valid for 1 hour has been created for \"$USER_IDENTIFIER\"." echo "A one-time access token valid for 1 hour has been created for \"$USER_IDENTIFIER\"."
echo "Use the following URL to sign in once: ${PUBLIC_APP_URL:=https://<your-pocket-id-domain>}/login/$SECRET_TOKEN" echo "Use the following URL to sign in once: ${PUBLIC_APP_URL:=https://<your-pocket-id-domain>}/login/$SECRET_TOKEN"
@@ -73,3 +104,4 @@ else
echo "Error creating access token." echo "Error creating access token."
exit 1 exit 1
fi fi
echo "================================================="