search

bcc-code / directus-schema-sync

The better way to sync your Directus schema and data between environments
Apache License 2.0
102 stars 4 forks source link

Password sync not working #46

Open ulysse-lacour opened 1 month ago

ulysse-lacour commented 1 month ago

Describe the Bug

I have a very simple dockerized Directus (latest) running with postgres (based on directus official image). Two roles (admin & editor). I only export/import not admin users but when trying to connect with an imported user : credentials are wrong, I guess something in the encrypt/decrypt is not working as excepted.

I'm almost using only default config :

// config.json
  directus_users: {
    watch: ["users"],
    query: {
      filter: {
        role: {
          admin_access: { _neq: true },
        },
      },
    },
    onExport: async (item, itemsSrv) => {
      if (item.password && item.password === "**********") {
        const user = await itemsSrv.knex
          .select("password")
          .from("directus_users")
          .where("id", item.id)
          .first();
        if (user) {
          item.password = user.password;
        }
      }

      return item;
    },
    // And then to import the password
    onImport: async (item, itemsSrv) => {
      if (item.password && item.password.startsWith("$argon")) {
        await itemsSrv
          .knex("directus_users")
          .update("password", item.password)
          .where("id", item.id);
        item.password = "**********";
      }

      return item;
    },
  },
// directus_config.js
 directus_roles: {
    watch: ["roles"],
    excludeFields: ["users", "has_role"],
    query: {
      filter: {
        name: { _neq: "Administrator" },
      },
    },
  },

  directus_permissions: {
    watch: ["permissions", "collections", "fields"],
    excludeFields: ["id"],
    groupBy: ["collection"],
    getKey: (o) => `${o.role ?? "public"}-${o.collection}--${o.action}`,
    query: {
      sort: ["role", "collection", "action"],
    },
  },

To Reproduce

Using simple dockerized Directus

# syntax=docker/dockerfile:1.4

####################################################################################################
## Directus install extensions

FROM directus/directus:10.13.1

USER root

RUN corepack enable \
    && corepack prepare pnpm@9.4.0 --activate \
    # Currently required, we'll probably address this in the base image in future release
    && chown node:node /directus

EXPOSE ${PORT}

USER node
RUN pnpm install directus-extension-schema-sync directus-extension-models directus-extension-computed-interface && pnpm config set auto-install-peers true
CMD : \
    && node /directus/cli.js bootstrap \
    && node /directus/cli.js start \
    ;

Import user (unhashed password is 'password' :

// directus_users.json
[
  {
    "appearance": null,
    "auth_data": null,
    "avatar": null,
    "description": null,
    "email": "email@email.com",
    "email_notifications": true,
    "external_identifier": null,
    "first_name": "Editor",
    "id": "8aba891c-27c3-40a7-b1c2-96228e5ca895",
    "language": null,
    "last_access": null,
    "last_name": null,
    "last_page": null,
    "location": null,
    "password": "$argon2id$v=19$m=65536,t=3,p=4$0baQSe7fW+jFrkJtRU4ekg$pj/wJ+roE+amuseLB6lz9t9Op59YFx3VFOaPcN6ez8U",
    "provider": "default",
    "role": "934eb29a-056a-4480-9c19-4bacce7a910c",
    "status": "active",
    "tags": null,
    "tfa_secret": null,
    "theme_dark": null,
    "theme_dark_overrides": null,
    "theme_light": null,
    "theme_light_overrides": null,
    "title": null,
    "token": null
  }
]

Returns :

Capture d’écran 2024-07-18 à 17 59 01

Version

2.1.2

Installed Extension Via

Docker file

ulysse-lacour commented 1 month ago

New (seems unrelated) error occurs on any export : Error in condensed action: error: select * from "directus_settings" where "id" = $1 and "mv_locked" = $2 and not "mv_hash" = $3 and "mv_ts" < $4 or "mv_ts" is null for update - column "mv_locked" does not exist

u12206050 commented 1 month ago

Have you installed the extension as per the instructions, seems like you missed the migrations part.

ulysse-lacour commented 1 month ago

I did but just realized the npx directus schema-sync install --force was needed for every new directus project, thought I only had to run it once and then reuse the schema-sync folder in your directus projects.

Indeed this is fixing the table column not working issue thank you very much but I'm still absolutly unable to transfer user and still getting the wrong credentials error...

ulysse-lacour commented 1 month ago

After a lot of tries and research I'm definitly stuck with users not being able to be sync, more precisely I'm still unable to connect and new directus instance with imported users as shown above and following the doc.