diff --git a/maloja/data_files/settings/default.ini b/maloja/data_files/settings/default.ini index 86e9c2f..f5ff205 100644 --- a/maloja/data_files/settings/default.ini +++ b/maloja/data_files/settings/default.ini @@ -7,6 +7,14 @@ WEB_PORT = 42010 HOST = "::" # You most likely want either :: for IPv6 or 0.0.0.0 for IPv4 here +[Login] + +DEFAULT_PASSWORD = none +FORCE_PASSWORD = none +# these are only meant for Docker containers +# on first start, set the environment variable MALOJA_DEFAULT_PASSWORD +# if you forgot and already generated a random password, you can overwrite it with MALOJA_FORCE_PASSWORD + [Third Party Services] # order in which to use the metadata providers diff --git a/maloja/proccontrol/setup.py b/maloja/proccontrol/setup.py index ad6752a..c123a78 100644 --- a/maloja/proccontrol/setup.py +++ b/maloja/proccontrol/setup.py @@ -2,6 +2,7 @@ import pkg_resources from distutils import dir_util from doreah import settings from doreah.io import col, ask, prompt +from doreah import auth import os from ..globalconf import datadir @@ -22,7 +23,12 @@ def copy_initial_local_files(): #shutil.copy(folder,DATA_DIR) dir_util.copy_tree(folder,datadir(),update=False) - +def randomstring(length=32): + import random + key = "" + for i in range(length): + key += str(random.choice(list(range(10)) + list("abcdefghijklmnopqrstuvwxyz") + list("ABCDEFGHIJKLMNOPQRSTUVWXYZ"))) + return key def setup(): @@ -48,10 +54,7 @@ def setup(): else: answer = ask("Do you want to set up a key to enable scrobbling? Your scrobble extension needs that key so that only you can scrobble tracks to your database.",default=True,skip=SKIP) if answer: - import random - key = "" - for i in range(64): - key += str(random.choice(list(range(10)) + list("abcdefghijklmnopqrstuvwxyz") + list("ABCDEFGHIJKLMNOPQRSTUVWXYZ"))) + key = randomstring(64) print("Your API Key: " + col["yellow"](key)) with open(datadir("clients/authenticated_machines.tsv"),"w") as keyfile: keyfile.write(key + "\t" + "Default Generated Key") @@ -59,6 +62,32 @@ def setup(): pass + # PASSWORD + defaultpassword = settings.get_settings("DEFAULT_PASSWORD") + forcepassword = settings.get_settings("FORCE_PASSWORD") + # this is mainly meant for docker, supply password via environment variable + + if forcepassword is not None: + # user has specified to force the pw, nothing else matters + auth.defaultuser.setpw(forcepassword) + print("Password has been set.") + elif auth.defaultuser.checkpw("admin"): + # if the actual pw is admin, it means we've never set this up properly (eg first start after update) + if defaultpassword is None: + # non-docker installation or user didn't set environment variable + defaultpassword = randomstring(32) + newpw = prompt("Please set a password for web backend access. Leave this empty to generate a random password.",skip=SKIP,secret=True) + if newpw is None: + newpw = defaultpassword + print("Generated password:",newpw) + auth.defaultuser.setpw(newpw) + else: + # docker installation (or settings file, but don't do that) + # we still 'ask' the user to set one, but for docker this will be skipped + newpw = prompt("Please set a password for web backend access. Leave this empty to use the default password.",skip=SKIP,default=defaultpassword,secret=True) + auth.defaultuser.setpw(newpw) + + if settings.get_settings("NAME") is None: name = prompt("Please enter your name. This will be displayed e.g. when comparing your charts to another user. Leave this empty if you would not like to specify a name right now.",default="Generic Maloja User",skip=SKIP) settings.update_settings(datadir("settings/settings.ini"),{"NAME":name},create_new=True)