This PR introduces potentially breaking changes. It is still very early in development and should only be used experimentally at this time. If you do want to give it a shot, do it in dev. If you do it in prod, backup your auth.json and data.json before switching over.
[x] I acknowledge that any submitted code will be licensed under the ISC License
[x] I confirm that submitted code is my own work
[x] I have tested the code, and confirm that it works
Enviroment
Operating System: Win 10
Node version: 16.14.0
npm version: 8.17.0
Description
This PR will hopefully tackle a couple issues. Whatever I get around to dealing with I'll detail below.
Better authentication
First on the list of things I need to overhaul: better auth. The current system is pretty simple and hard to build on. The new system will use modern functions and allow better integration with CLI tools, a future API, and frontends (via aforementioned API).
Completed task: format migration
There is still a lot of work to be done, but the main thing I wanted to get out of the way is complete! Upon startup, ass will automatically migrate the auth file format. It will generate a unique ID using Nano ID. Currently, it only generates a password hash for the admin user.
Admin user??
The admin user is set by default during auth migration. It is simply user 0, aka the first one generated when you originally installed ass. Frontends will be able to use the admin user for management without needing to configure their own user system.
Passwords?!
ass now supports password hashing with bcrypt. As mentioned above, the admin password will be randomly generated, so you'll have to set it on the command line with npm run cli-setpassword ass <password here> (replace ass if you changed the default username).
Eventually there will be a proper API for frontends to easily let their users set passwords.
⚠️ Stop! Breaking changes ahead ⚠️
This PR introduces potentially breaking changes. It is still very early in development and should only be used experimentally at this time. If you do want to give it a shot, do it in dev. If you do it in prod, backup your
auth.json
anddata.json
before switching over.Checklist
Enviroment
Description
This PR will hopefully tackle a couple issues. Whatever I get around to dealing with I'll detail below.
Better authentication
First on the list of things I need to overhaul: better auth. The current system is pretty simple and hard to build on. The new system will use modern functions and allow better integration with CLI tools, a future API, and frontends (via aforementioned API).
Completed task: format migration
There is still a lot of work to be done, but the main thing I wanted to get out of the way is complete! Upon startup, ass will automatically migrate the auth file format. It will generate a unique ID using Nano ID. Currently, it only generates a password hash for the admin user.
Admin user??
The admin user is set by default during auth migration. It is simply user 0, aka the first one generated when you originally installed ass. Frontends will be able to use the admin user for management without needing to configure their own user system.
Passwords?!
ass now supports password hashing with bcrypt. As mentioned above, the admin password will be randomly generated, so you'll have to set it on the command line with
npm run cli-setpassword ass <password here>
(replaceass
if you changed the default username).Eventually there will be a proper API for frontends to easily let their users set passwords.
Supporting Issues
Merging this PR will close #133.