Starship/CoreID
1
0
Fork 0
Code Issues 8 Pull Requests Releases 34 Wiki Activity

Remove misc files, add root permission, and update env template

Browse Source
This commit is contained in:
garrettmills 2020-07-07 19:30:48 -05:00
parent 6bd1ddc064
commit 60533848a1
No known key found for this signature in database
GPG Key ID: 6ACD58D6ADACFC6E
5 changed files with 37 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
TODO.text
View File

@ -1,2 +1,4 @@
- OAuth2 -> support refresh tokens - OAuth2 -> support refresh tokens
- Localize all the things - Localize all the things
- Setup wizard
- Logins as jobs

0
a.out
View File

15
app/controllers/api/v1/Auth.controller.js
View File

@ -76,7 +76,20 @@ class AuthController extends Controller {
trap: 'password_reset', // Force user to reset password trap: 'password_reset', // Force user to reset password
}) })
user.promote('base_user') const Setting = this.models.get('Setting')
try {
const default_roles = await Setting.get('auth.default_roles')
if ( Array.isArray(default_roles) ) {
for ( const role of default_roles ) user.promote(role)
}
} catch (e) {
this.output.error('Unable to read default roles to promote registered user: ')
this.output.error(e)
}
// If this is the first user, make them root
if ( !(await User.findOne()) ) user.promote('root')
await user.save() await user.save()
// Log in the user automatically // Log in the user automatically

2
config/auth.config.js
View File

@ -192,6 +192,8 @@ const auth_config = {
'v1:password', 'v1:password',
], ],
root: ['v1', 'ldap', 'saml', 'profile', 'oauth', 'app', 'auth', 'iam'],
}, },
} }

29
example.env
View File

@ -1,26 +1,35 @@
APP_NAME=Flitter APP_NAME="Starship CoreID"
APP_URL=http://localhost:8000/ APP_URL=http://localhost:8000/
SERVER_PORT=8000 SERVER_PORT=8000
LOGGING_LEVEL=1 LOGGING_LEVEL=2
LOGGING_TIMESTAMP=false
DATABASE_HOST=127.0.0.1 DATABASE_HOST=127.0.0.1
DATABASE_PORT=27017 DATABASE_PORT=27017
DATABASE_NAME=flitter DATABASE_NAME=starship_coreid
DATABASE_AUTH=false DATABASE_AUTH=false
SECRET=changeme SECRET="Replace this with something randomly generated!"
ENVIRONMENT=production ENVIRONMENT=production
SSL_ENABLE=false SSL_ENABLE=false
SSL_CERT_FILE=cert.pem SSL_CERT_FILE=cert.crt
SSL_CERT_KEY=cert.key SSL_KEY_FILE=cert.key
LDAP_SERVER_PORT=389
# Every LDAP DN is suffixed with this automatically
LDAP_BASE_DC="dc=coreid,dc=local"
SAML_CERT_FILE="/path/to/x509/public.pem"
SAML_KEY_FILE="/path/to/x509/private.pem"
REDIS_HOST=localhost REDIS_HOST=localhost
REDIS_PORT=6379 REDIS_PORT=6379
SMTP_HOST="mail.mydomain.com" SMTP_HOST="localhost"
SMTP_PORT="587" SMTP_PORT="587"
SMTP_USER="coreid@mydomain.com" SMTP_USER="coreid@localhost.localdomain"
SMTP_DEFAULT_SENDER="coreid@mydomain.com" SMTP_DEFAULT_SENDER="coreid@localhost.localdomain"
SMTP_PASS="supersecretpassword" SMTP_PASS="something super secure"