Fix: Update admin credentials on startup instead of only creating once
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
- Modified create_admin_user() to update existing admin with new credentials - Removes old admin users when ADMIN_EMAIL changes - Ensures credential changes from environment variables take effect immediately - Fixes issue where ADMIN_EMAIL changes were being ignored
This commit is contained in:
dvirlabs
parent
22f995bc80
commit
bce4c91002
@ -21,7 +21,7 @@ uploads_dir.mkdir(exist_ok=True)
|
|||||||
# Create tables
|
# Create tables
|
||||||
Base.metadata.create_all(bind=engine)
|
Base.metadata.create_all(bind=engine)
|
||||||
|
|
||||||
# Create admin user if doesn't exist
|
# Create or update admin user
|
||||||
def create_admin_user():
|
def create_admin_user():
|
||||||
from app.database.database import SessionLocal
|
from app.database.database import SessionLocal
|
||||||
from app.models.user import User
|
from app.models.user import User
|
||||||
@ -29,24 +29,27 @@ def create_admin_user():
|
|||||||
|
|
||||||
db = SessionLocal()
|
db = SessionLocal()
|
||||||
try:
|
try:
|
||||||
|
# Check if admin with current email exists
|
||||||
admin = db.query(User).filter(User.email == settings.admin_email).first()
|
admin = db.query(User).filter(User.email == settings.admin_email).first()
|
||||||
if not admin:
|
|
||||||
try:
|
|
||||||
hashed_password = get_password_hash(settings.admin_password)
|
|
||||||
except Exception as hash_error:
|
|
||||||
print(f"⚠️ Password hashing error: {hash_error}")
|
|
||||||
print("⚠️ Using direct bcrypt hash as fallback...")
|
|
||||||
# Fallback: use bcrypt directly to avoid passlib version issues
|
|
||||||
import bcrypt
|
|
||||||
hashed_password = bcrypt.hashpw(
|
|
||||||
settings.admin_password.encode('utf-8'),
|
|
||||||
bcrypt.gensalt()
|
|
||||||
).decode('utf-8')
|
|
||||||
|
|
||||||
|
if admin:
|
||||||
|
# Admin exists, update password if needed
|
||||||
|
admin.hashed_password = get_password_hash(settings.admin_password)
|
||||||
|
admin.full_name = settings.admin_full_name
|
||||||
|
db.commit()
|
||||||
|
print(f"ℹ️ Admin user updated: {settings.admin_email}")
|
||||||
|
else:
|
||||||
|
# Delete any other admin users (old ones with different emails)
|
||||||
|
old_admins = db.query(User).filter(User.is_admin == True).all()
|
||||||
|
for old_admin in old_admins:
|
||||||
|
db.delete(old_admin)
|
||||||
|
db.commit()
|
||||||
|
|
||||||
|
# Create new admin user
|
||||||
admin = User(
|
admin = User(
|
||||||
email=settings.admin_email,
|
email=settings.admin_email,
|
||||||
full_name=settings.admin_full_name,
|
full_name=settings.admin_full_name,
|
||||||
hashed_password=hashed_password,
|
hashed_password=get_password_hash(settings.admin_password),
|
||||||
is_admin=True,
|
is_admin=True,
|
||||||
is_active=True,
|
is_active=True,
|
||||||
must_change_password=True # Force password change on first login
|
must_change_password=True # Force password change on first login
|
||||||
@ -55,8 +58,6 @@ def create_admin_user():
|
|||||||
db.commit()
|
db.commit()
|
||||||
print(f"✅ Admin user created: {settings.admin_email}")
|
print(f"✅ Admin user created: {settings.admin_email}")
|
||||||
print(f"⚠️ Default password: {settings.admin_password} (CHANGE THIS!)")
|
print(f"⚠️ Default password: {settings.admin_password} (CHANGE THIS!)")
|
||||||
else:
|
|
||||||
print(f"ℹ️ Admin user already exists: {settings.admin_email}")
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print(f"❌ Error creating admin user: {e}")
|
print(f"❌ Error creating admin user: {e}")
|
||||||
db.rollback()
|
db.rollback()
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user