source: server/bin/settoken @ 062ea34

918-git-images-111dconfigfileconfigure-oglivegit-imageslgromero-new-oglivemainmaint-cronmount-efivarfsmultivmmultivm-ogboot-installerogClonningEngineogboot-installer-jenkinsoglive-ipv6test-python-scriptsticket-301ticket-50ticket-50-oldticket-577ticket-585ticket-611ticket-612ticket-693ticket-700ubu24tplunification2use-local-agent-oglivevarios-instalacion
Last change on this file since 062ea34 was afd6b4e, checked in by Ramón M. Gómez <ramongomez@…>, 5 years ago

#925: Script settoken changes REST token for users.
  • Property mode set to 100755
File size: 2.9 KB
RevLine 
[8495409]1#!/bin/bash
2
3#/**
4#@file    settoken
[afd6b4e]5#@brief   Generate a new security token for the specified service or user.
6#@usage   settoken [[-f] [Service]] | User
[8495409]7#@param   -f: force server restart without prompting (ask by default)
[afd6b4e]8#@param   Service: may be "server", "repo" or "services" (for all services, by default)
9#@param   User: OpenGnsys-defined username
[8495409]10#@warning This script uses "php" command.
[e020339]11#@version 1.1.1 - Initial version.
[8495409]12#@author  Ramón M. Gómez - ETSII Univ. Sevilla
13#@date    2019-09-25
14#*/ ##
15
16# Global constants definition.
17PROG=$(basename "$(realpath "$0")")                     # Program name.
18OPENGNSYS=/opt/opengnsys                                # OpenGnsys main directory.
19SERVERCFG=$OPENGNSYS/etc/ogAdmServer.cfg                # Configuration files.
20REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg
21
22# Functions.
[afd6b4e]23source $OPENGNSYS/lib/ogfunctions.sh || exit 1
24
25function new_token() {
26    php -r 'echo md5(uniqid(rand(), true));'
27}
[8495409]28
29# Error control.
[e020339]30[ "$USER" != "root" ] && raiseError access "Need to be root"
[8495409]31if [ "$1" == "-f" ]; then
32    FORCE=1
33    shift
34fi
35[ $# -gt 1 ] && raiseError usage
36case "${1,,}" in
37    help)
38        help ;;
[afd6b4e]39    server)         # Generate server token.
[8495409]40        SERVER=1 ;;
[afd6b4e]41    repo)           # Generate repository token.
[8495409]42        REPO=1 ;;
[afd6b4e]43    ""|services)    # Generate server and repo tokens.
[8495409]44        SERVER=1; REPO=1 ;;
[afd6b4e]45    *)              # Generate user token.
46        OGUSER="$1" ;;
[8495409]47esac
48[ -w $SERVERCFG ] || raiseError access "Server configuration file"
[afd6b4e]49source $SERVERCFG
50
51# Update user token.
52if [ "$OGUSER" ]; then
53    APIKEY="$(new_token)"
54    DATA="
55UPDATE usuarios
56   SET apikey='$APIKEY', idusuario=LAST_INSERT_ID(idusuario)
57 WHERE usuario='$OGUSER';
58SELECT LAST_INSERT_ID();
59"
60    [ "$(dbexec "$DATA")" == "0" ] && raiseError notfound "User \"$OGUSER\""
61fi
[8495409]62
63# Update server token.
64if [ "$SERVER" ]; then
65    # Confirm action (server will be restarted).
66    if [ ! "$FORCE" ]; then
67        read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
68        [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
69    fi
[afd6b4e]70    APIKEY="$(new_token)"
[dde2db1]71    sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$APIKEY" $SERVERCFG || raiseError access "Cannot update server file"
[8495409]72fi
73
74# Update repository token.
75if [ "$REPO" ]; then
76    [ -w $REPOCFG ] || raiseError access "Repository configuration file"
[afd6b4e]77    APIKEY="$(new_token)"
[dde2db1]78    sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file"
[8495409]79    # If database is local, update it.
80    source $REPOCFG
81    if [ "$ServidorAdm" == "$IPlocal" ]; then
[afd6b4e]82        dbexec "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';"
[dde2db1]83    else
84        echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)."
[8495409]85    fi
86fi
87
88# Restart server, if needed.
89if [ "$SERVER" ]; then
90    restart opengnsys
91fi
92
Note: See TracBrowser for help on using the repository browser.