nikdoof/pocket-id
1
0
Fork 0
mirror of https://github.com/nikdoof/pocket-id.git synced 2025-12-13 23:02:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add script for creating one time access token

Browse Source
This commit is contained in:
Elias Schneider
2024-10-23 10:03:17 +02:00
parent b39bc4f79a
commit a1985ce1b2
2 changed files with 70 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Dockerfile
View File

@@ -36,6 +36,7 @@ COPY --from=backend-builder /app/backend/email-templates ./backend/email-templat
COPY --from=backend-builder /app/backend/images ./backend/images COPY --from=backend-builder /app/backend/images ./backend/images
COPY ./scripts ./scripts COPY ./scripts ./scripts
RUN chmod +x ./scripts/*.sh
EXPOSE 3000 EXPOSE 3000
ENV APP_ENV=production ENV APP_ENV=production

69
scripts/create-one-time-access-token.sh Normal file
View File

@@ -0,0 +1,69 @@
#!/bin/bash
# Default database path
DB_PATH="./backend/data/pocket-id.db"
# Parse command-line arguments for the -d flag (database path)
while getopts ":d:" opt; do
case $opt in
d)
DB_PATH="$OPTARG"
;;
\?)
echo "Invalid option -$OPTARG" >&2
exit 1
;;
esac
done
shift $((OPTIND - 1))
# Ensure username or email is provided as a parameter
if [ -z "$1" ]; then
echo "Usage: $0 [-d <database_path>] <username or email>"
echo " -d Specify the database path (optional, defaults to ./backend/data/pocket-id.db)"
exit 1
fi
USER_IDENTIFIER="$1"
# Check if sqlite3 is installed, if not install it via apk
if ! command -v sqlite3 &>/dev/null; then
if command -v apk &>/dev/null; then
echo "sqlite3 not found. Installing..."
apk add sqlite3 --no-cache
else
echo "sqlite3 is not installed, please install it manually."
exit 1
fi
fi
# Generate a 16-character alphanumeric secret token
SECRET_TOKEN=$(LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 16)
# Get the current Unix timestamp for creation and expiration (1 hour from now)
CREATED_AT=$(date +%s)
EXPIRES_AT=$((CREATED_AT + 3600))
# Retrieve user_id from the users table based on username or email
USER_ID=$(sqlite3 "$DB_PATH" "SELECT id FROM users WHERE username='$USER_IDENTIFIER' OR email='$USER_IDENTIFIER';")
# Check if user exists
if [ -z "$USER_ID" ]; then
echo "User not found for username/email: $USER_IDENTIFIER"
exit 1
fi
# Insert the one-time token into the one_time_access_tokens table
sqlite3 "$DB_PATH" <<EOF
INSERT INTO one_time_access_tokens (id, created_at, token, expires_at, user_id)
VALUES ('$(uuidgen)', '$CREATED_AT', '$SECRET_TOKEN', '$EXPIRES_AT', '$USER_ID');
EOF
if [ $? -eq 0 ]; then
echo "A one-time access token valid for 1 hour has been created for \"$USER_IDENTIFIER\"."
echo "Use the following URL to sign in once: https://<your-pocket-id-domain>/login/$SECRET_TOKEN"
else
echo "Error creating access token."
exit 1
fi