Implemented default admin account

README.md

@@ -57,6 +57,7 @@ There are external components to this template referred to as "microservices". T
 	- ~~logout (with cookies)~~
 	- ~~account deletion~~
 - Administration Panel
+	- ~~Default admin account~~
 	- ~~Exclusive to admin accounts~~
 	- inspect aggregate user data
 - ~~News blog system (microservice)~~
@@ -72,7 +73,12 @@ There are external components to this template referred to as "microservices". T
 - Configuraton Script:
 	- Default UUID keys
 	- ~~Docker, docker, docker.~~
+- Better compression for client files
+- Full tutorial for setting up and using the site
 	- Start here page
+	- Security holes
+		- HTTPS
+		- Default admin account
 
 # Email settings
 

client/components/pages/login.jsx

@@ -49,15 +49,10 @@ const LogIn = props => {
 	);
 };
 
+//DOCS: returns two values: response and OK
 const handleSubmit = async (email, password) => {
 	email = email.trim();
 
-	const err = handleValidation(email, password);
-
-	if (err) {
-		return err;
-	}
-
 	//generate a new formdata payload
 	let formData = new FormData();
 
@@ -73,17 +68,4 @@ const handleSubmit = async (email, password) => {
 	}
 };
 
-//returns an error message, or null on success
-const handleValidation = (email, password) => {
-	if (!validateEmail(email)) {
-		return 'invalid email';
-	}
-
-	if (password.length < 8) {
-		return 'invalid password (Must be at least 8 characters long)';
-	}
-
-	return null;
-};
-
 export default LogIn;

configure-script.js

@@ -151,7 +151,6 @@ networks:
 	const dockerfile = `
 FROM node:15
 WORKDIR "/app"
-WORKDIR "/app"
 COPY package*.json ./
 RUN npm install
 RUN apt-get update
@@ -159,7 +158,6 @@ RUN apt-get install -y mariadb-client
 COPY . /app
 EXPOSE 3000
 
-
 ENTRYPOINT ["bash", "-c"]
 CMD ["mysql --host=database --user=root --password=${databaseRootPassword} < ./startup.sql && npm start"]
 `;

server/accounts/login.js

@@ -56,8 +56,8 @@ const route = async (req, res) => {
 };
 
 const validateDetails = async (fields) => {
-	//basic formatting
+	//basic formatting (with an exception for the default admin account)
-	if (!validateEmail(fields.email)) {
+	if (!validateEmail(fields.email) && fields.email != `admin@${process.env.WEB_ADDRESS}`) {
 		return 'invalid email';
 	}
 

server/admin/index.js

@@ -16,4 +16,27 @@ router.get('/banned', require('./banned'));
 router.post('/ban', require('./ban'));
 router.post('/unban', require('./unban'));
 
+//DOCS: ensure that there is at least one administration account
+const bcrypt = require('bcryptjs');
+const { accounts } = require('../database/models');
+
+(async () => {
+	const admin = await accounts.findOne({
+		where: {
+			privilege: 'administrator'
+		}
+	});
+
+	if (admin == null) {
+		await accounts.create({
+			privilege: 'administrator',
+			email: `admin@${process.env.WEB_ADDRESS}`,
+			username: `admin`,
+			hash: await bcrypt.hash('password', await bcrypt.genSalt(11))
+		});
+
+		console.log(`Created default admin account (email: admin@${process.env.WEB_ADDRESS}; password: password)`);
+	}
+})();
+
 module.exports = router;

sql/create_database.sql

@@ -1,10 +0,0 @@
-#This file only needs to be run once, during initial setup
-#After this script, next run 'update_database.sql'
-
-#Create the actual database
-CREATE DATABASE IF NOT EXISTS template;
-USE template;
-
-#Create the database user
-CREATE USER IF NOT EXISTS 'template'@'%' IDENTIFIED BY 'pikachu';
-GRANT ALL PRIVILEGES ON template.* TO 'template'@'%';

sql/update_database.sql.old

@@ -1,3 +1,6 @@
+# Do not use this file - this is just a guide for my own use
+
+
 # account system
 CREATE TABLE IF NOT EXISTS pendingSignups (
 	email VARCHAR(320) UNIQUE,