Added optional default admin account

server/admin/default-account.js

@@ -0,0 +1,37 @@
+//DOCS: ensure that there is at least one administration account
+const bcrypt = require('bcryptjs');
+const sequelize = require('../database');
+const { accounts } = require('../database/models');
+
+module.exports = async () => {
+	await sequelize.sync(); //this whole file is just one big BUGFIX
+
+	//validate env variables
+	if (!process.env.ADMIN_DEFAULT_USERNAME || !process.env.ADMIN_DEFAULT_PASSWORD) {
+		//skip this if arguments are missing
+		return;
+	}
+
+	if (process.env.ADMIN_DEFAULT_PASSWORD && process.env.ADMIN_DEFAULT_PASSWORD.length < 8) {
+		console.warn('ADMIN_DEFAULT_PASSWORD is too short - skipping default account creation');
+		return;
+	}
+
+	//check for an existing admin account
+	const adminRecord = await accounts.findOne({
+		where: {
+			privilege: 'administrator'
+		}
+	});
+
+	if (adminRecord == null) {
+		await accounts.create({
+			privilege: 'administrator',
+			email: `${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.WEB_ADDRESS}`,
+			username: `${process.env.ADMIN_DEFAULT_USERNAME}`,
+			hash: await bcrypt.hash(`${process.env.ADMIN_DEFAULT_PASSWORD}`, await bcrypt.genSalt(11))
+		});
+
+		console.warn(`Created default admin account (email: ${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.WEB_ADDRESS}; password: ${process.env.ADMIN_DEFAULT_PASSWORD})`);
+	}
+};

server/admin/index.js

@@ -0,0 +1,3 @@
+module.exports = {
+	defaultAccount: require('./default-account')
+};

server/auth/login.js

@@ -51,10 +51,9 @@ const route = async (req, res) => {
 
 const validateDetails = async (body) => {
 	//basic formatting (with an exception for the default admin account)
-	if (!validateEmail(body.email) && body.email != `admin@${process.env.WEB_ADDRESS}`) {
+	if (!validateEmail(body.email) && body.email != `${process.env.ADMIN_DEFAULT_USERNAME}@${process.env.WEB_ADDRESS}`) {
 		return 'invalid email';
 	}
-	//TODO: restore default admin account
 
 	//check for existing (banned)
 	//TODO: restore banning

server/auth/signup.js

@@ -78,6 +78,11 @@ const validateDetails = async (body) => {
 		return 'username already exists';
 	}
 
+	//validate password
+	if (body.password.length < 8) {
+		return 'password too short';
+	}
+
 	return null;
 };
 

server/database/models/index.js

@@ -2,4 +2,4 @@ module.exports = {
 	tokens: require('./tokens'),
 	accounts: require('./accounts'),
 	pendingSignups: require('./pending-signups')
-}
+};

server/server.js

@@ -15,7 +15,10 @@ app.use(cors());
 //database connection
 const database = require('./database');
 
-//access the news
+const admin = require('./admin');
+admin.defaultAccount();
+
+//access the auth
 app.use('/auth', require('./auth'));
 
 //error on access