Allow custom admin username and email during install
The installer now prompts for and validates a custom admin username and email, updating migrations and SQL placeholders accordingly. Login now accepts either username or email, and the login form and installer views have been updated to reflect these changes. Additional logging and migration handling improvements were made for better installation and authentication workflows.
This commit is contained in:
Hosteroid
@@ -51,7 +51,7 @@ class AuthController extends Controller
|
||||
}
|
||||
|
||||
$username = trim($_POST['username'] ?? '');
|
||||
$password = $_POST['password'] ?? '';
|
||||
$password = $_POST['password'] ?? ''; // Don't trim - passwords may have intentional spaces
|
||||
$remember = isset($_POST['remember']);
|
||||
|
||||
// Validate input
|
||||
@@ -61,10 +61,19 @@ class AuthController extends Controller
|
||||
return;
|
||||
}
|
||||
|
||||
// Find user
|
||||
// Find user by username or email
|
||||
$user = $this->userModel->findByUsername($username);
|
||||
|
||||
// If not found by username, try email
|
||||
if (!$user && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||
$users = $this->userModel->where('email', $username);
|
||||
if (!empty($users) && $users[0]['is_active']) {
|
||||
$user = $users[0];
|
||||
}
|
||||
}
|
||||
|
||||
if (!$user) {
|
||||
error_log("Login failed: User '$username' not found or not active");
|
||||
$_SESSION['error'] = 'Invalid username or password';
|
||||
$this->redirect('/login');
|
||||
return;
|
||||
@@ -72,10 +81,14 @@ class AuthController extends Controller
|
||||
|
||||
// Verify password
|
||||
if (!$this->userModel->verifyPassword($password, $user['password'])) {
|
||||
error_log("Login failed: Password verification failed for user '$username'");
|
||||
error_log("Stored hash: {$user['password']}");
|
||||
$_SESSION['error'] = 'Invalid username or password';
|
||||
$this->redirect('/login');
|
||||
return;
|
||||
}
|
||||
|
||||
error_log("Login successful for user '$username'");
|
||||
|
||||
// Check if email verification is required
|
||||
$requireVerification = $this->settingModel->getValue('require_email_verification');
|
||||
|
||||
@@ -175,10 +175,17 @@ class InstallerController extends Controller
|
||||
return;
|
||||
}
|
||||
|
||||
$adminUsername = trim($_POST['admin_username'] ?? '');
|
||||
$adminPassword = trim($_POST['admin_password'] ?? '');
|
||||
$adminEmail = trim($_POST['admin_email'] ?? '');
|
||||
|
||||
// Validate
|
||||
if (empty($adminUsername) || !preg_match('/^[a-zA-Z0-9_]+$/', $adminUsername)) {
|
||||
$_SESSION['error'] = 'Username can only contain letters, numbers, and underscores';
|
||||
$this->redirect('/install');
|
||||
return;
|
||||
}
|
||||
|
||||
if (empty($adminPassword) || strlen($adminPassword) < 8) {
|
||||
$_SESSION['error'] = 'Admin password must be at least 8 characters';
|
||||
$this->redirect('/install');
|
||||
@@ -204,10 +211,12 @@ class InstallerController extends Controller
|
||||
|
||||
$sql = file_get_contents($file);
|
||||
|
||||
// Replace password placeholder for user migration
|
||||
if ($migration === '002_create_users_table.sql') {
|
||||
// Replace placeholders for user migration or consolidated schema
|
||||
if ($migration === '002_create_users_table.sql' || $migration === '000_initial_schema_v1.1.0.sql') {
|
||||
$passwordHash = password_hash($adminPassword, PASSWORD_BCRYPT);
|
||||
$sql = str_replace('{{ADMIN_PASSWORD_HASH}}', $passwordHash, $sql);
|
||||
$sql = str_replace('{{ADMIN_USERNAME}}', $adminUsername, $sql);
|
||||
$sql = str_replace('{{ADMIN_EMAIL}}', $adminEmail, $sql);
|
||||
}
|
||||
|
||||
// Execute SQL
|
||||
@@ -233,9 +242,33 @@ class InstallerController extends Controller
|
||||
$results[] = $migration;
|
||||
}
|
||||
|
||||
// Update admin email and ensure admin role and verified status
|
||||
$stmt = $pdo->prepare("UPDATE users SET email = ?, role = 'admin', email_verified = 1 WHERE username = 'admin'");
|
||||
$stmt->execute([$adminEmail]);
|
||||
// If using consolidated schema, mark all individual migrations as executed too
|
||||
if (in_array('000_initial_schema_v1.1.0.sql', $migrations)) {
|
||||
$allMigrations = [
|
||||
'001_create_tables.sql',
|
||||
'002_create_users_table.sql',
|
||||
'003_add_whois_fields.sql',
|
||||
'004_create_tld_registry_table.sql',
|
||||
'005_update_tld_import_logs.sql',
|
||||
'006_add_complete_workflow_import_type.sql',
|
||||
'007_add_app_and_email_settings.sql',
|
||||
'008_add_notes_to_domains.sql',
|
||||
'009_add_authentication_features.sql',
|
||||
'010_add_app_version_setting.sql',
|
||||
'011_create_sessions_table.sql',
|
||||
'012_link_remember_tokens_to_sessions.sql',
|
||||
'013_create_user_notifications_table.sql'
|
||||
];
|
||||
|
||||
$stmt = $pdo->prepare("INSERT INTO migrations (migration) VALUES (?) ON DUPLICATE KEY UPDATE migration=migration");
|
||||
foreach ($allMigrations as $individualMigration) {
|
||||
$stmt->execute([$individualMigration]);
|
||||
}
|
||||
}
|
||||
|
||||
// Update admin user to ensure role and verified status (in case migration already had defaults)
|
||||
$stmt = $pdo->prepare("UPDATE users SET role = 'admin', email_verified = 1 WHERE username = ?");
|
||||
$stmt->execute([$adminUsername]);
|
||||
|
||||
// Generate encryption key if not exists
|
||||
if (empty($_ENV['APP_ENCRYPTION_KEY'])) {
|
||||
@@ -249,12 +282,13 @@ class InstallerController extends Controller
|
||||
// Create welcome notification for admin
|
||||
try {
|
||||
// Get the admin user ID
|
||||
$stmt = $pdo->query("SELECT id FROM users WHERE username = 'admin' LIMIT 1");
|
||||
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ? LIMIT 1");
|
||||
$stmt->execute([$adminUsername]);
|
||||
$adminUser = $stmt->fetch(\PDO::FETCH_ASSOC);
|
||||
|
||||
if ($adminUser) {
|
||||
$notificationService = new \App\Services\NotificationService();
|
||||
$notificationService->notifyWelcome($adminUser['id'], 'admin');
|
||||
$notificationService->notifyWelcome($adminUser['id'], $adminUsername);
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
// Don't fail install if notification fails
|
||||
@@ -263,6 +297,7 @@ class InstallerController extends Controller
|
||||
|
||||
// Redirect to complete page
|
||||
$_SESSION['install_complete'] = true;
|
||||
$_SESSION['admin_username'] = $adminUsername;
|
||||
$_SESSION['admin_password'] = $adminPassword;
|
||||
$this->redirect('/install/complete');
|
||||
|
||||
@@ -385,12 +420,15 @@ class InstallerController extends Controller
|
||||
return;
|
||||
}
|
||||
|
||||
$adminUsername = $_SESSION['admin_username'] ?? 'admin';
|
||||
$adminPassword = $_SESSION['admin_password'] ?? null;
|
||||
unset($_SESSION['admin_username']);
|
||||
unset($_SESSION['admin_password']);
|
||||
unset($_SESSION['install_complete']);
|
||||
|
||||
$this->view('installer/complete', [
|
||||
'title' => 'Installation Complete',
|
||||
'adminUsername' => $adminUsername,
|
||||
'adminPassword' => $adminPassword
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -28,7 +28,7 @@ ob_start();
|
||||
<!-- Username Field -->
|
||||
<div>
|
||||
<label for="username" class="block text-sm font-medium text-gray-700 mb-1.5">
|
||||
Username
|
||||
Username or Email
|
||||
</label>
|
||||
<div class="relative">
|
||||
<div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
|
||||
@@ -41,7 +41,7 @@ ob_start();
|
||||
required
|
||||
autofocus
|
||||
class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary transition-colors text-sm"
|
||||
placeholder="Enter your username">
|
||||
placeholder="Enter your username or email">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
@@ -45,7 +45,7 @@
|
||||
<div class="space-y-2">
|
||||
<div class="flex items-center justify-between">
|
||||
<span class="text-sm font-medium text-gray-600">Username:</span>
|
||||
<span class="text-sm font-mono font-bold text-gray-900">admin</span>
|
||||
<span class="text-sm font-mono font-bold text-gray-900 select-all"><?= htmlspecialchars($adminUsername ?? 'admin') ?></span>
|
||||
</div>
|
||||
<div class="flex items-center justify-between">
|
||||
<span class="text-sm font-medium text-gray-600">Password:</span>
|
||||
|
||||
@@ -78,6 +78,21 @@
|
||||
<h3 class="text-lg font-semibold text-gray-900 mb-4">Administrator Account</h3>
|
||||
|
||||
<div class="space-y-4">
|
||||
<div>
|
||||
<label for="admin_username" class="block text-sm font-medium text-gray-700 mb-2">
|
||||
Username <span class="text-red-500">*</span>
|
||||
</label>
|
||||
<div class="relative">
|
||||
<div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
|
||||
<i class="fas fa-user text-gray-400 text-sm"></i>
|
||||
</div>
|
||||
<input type="text" id="admin_username" name="admin_username" required pattern="[a-zA-Z0-9_]+"
|
||||
class="w-full pl-10 pr-3 py-2.5 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-primary"
|
||||
placeholder="admin" value="admin">
|
||||
</div>
|
||||
<p class="text-xs text-gray-500 mt-1">Letters, numbers, and underscores only</p>
|
||||
</div>
|
||||
|
||||
<div>
|
||||
<label for="admin_email" class="block text-sm font-medium text-gray-700 mb-2">
|
||||
Email Address <span class="text-red-500">*</span>
|
||||
|
||||
Reference in New Issue
Block a user