feat: Add setup token security for initial server setup

- Add setupTokens database table with proper schema
- Implement setup token generation on first server startup
- Add token validation endpoint and modify admin creation
- Update initial setup page to require setup token
- Add migration scripts for both SQLite and PostgreSQL
- Add internationalization support for setup token fields
- Implement proper error handling and logging
- Add CLI command for resetting user security keys

This prevents unauthorized access during initial server setup by requiring
a token that is generated and displayed in the server console.
Adrian Astles
2025-08-03 21:17:18 +08:00
parent 84268e484d
commit 69baa6785f
15 changed files with 322 additions and 115 deletions


@@ -8,6 +8,7 @@ import path from "path";
import m1 from "./scriptsPg/1.6.0";
import m2 from "./scriptsPg/1.7.0";
import m3 from "./scriptsPg/1.8.0";
import m4 from "./scriptsPg/1.9.0";
// THIS CANNOT IMPORT ANYTHING FROM THE SERVER
// EXCEPT FOR THE DATABASE AND THE SCHEMA
@@ -16,7 +17,8 @@ import m3 from "./scriptsPg/1.8.0";
const migrations = [
{ version: "1.6.0", run: m1 },
{ version: "1.7.0", run: m2 },
{ version: "1.8.0", run: m3 }
{ version: "1.8.0", run: m3 },
{ version: "1.9.0", run: m4 }
// Add new migrations here as they are created
] as {
version: string;