source: server/bin/settoken @ 084fdc1

Last change on this file since 084fdc1 was 38feca6, checked in by OpenGnSys Support Team <soporte-og@…>, 5 years ago

#988 Adapt settoken to the new json config file

This patch sets the renewed api_token in the config file ogserver.json
  • Property mode set to 100755
File size: 2.8 KB
RevLine 
[8495409]1#!/bin/bash
2
3#/**
4#@file    settoken
[afd6b4e]5#@brief   Generate a new security token for the specified service or user.
6#@usage   settoken [[-f] [Service]] | User
[c25e2ce]7#@param   -f         force server restart without prompting (ask by default)
8#@param   Service    may be "server", "repo" or "services" (for all services, by default)
9#@param   User       OpenGnsys-defined username
[8495409]10#@warning This script uses "php" command.
[e020339]11#@version 1.1.1 - Initial version.
[8495409]12#@author  Ramón M. Gómez - ETSII Univ. Sevilla
13#@date    2019-09-25
14#*/ ##
15
[c25e2ce]16# Global constants.
17OPENGNSYS=${OPENGNSYS:-"/opt/opengnsys"}
[38feca6]18SERVERCFG=$OPENGNSYS/etc/ogserver.json
[8495409]19REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg
20
21# Functions.
[afd6b4e]22source $OPENGNSYS/lib/ogfunctions.sh || exit 1
23
24function new_token() {
25    php -r 'echo md5(uniqid(rand(), true));'
26}
[8495409]27
28# Error control.
29if [ "$1" == "-f" ]; then
30    FORCE=1
31    shift
32fi
33[ $# -gt 1 ] && raiseError usage
34case "${1,,}" in
[c25e2ce]35    help)           # Show help.
[8495409]36        help ;;
[c25e2ce]37    version)        # Show version number.
38        version ;;
[afd6b4e]39    server)         # Generate server token.
[8495409]40        SERVER=1 ;;
[afd6b4e]41    repo)           # Generate repository token.
[8495409]42        REPO=1 ;;
[afd6b4e]43    ""|services)    # Generate server and repo tokens.
[8495409]44        SERVER=1; REPO=1 ;;
[afd6b4e]45    *)              # Generate user token.
[c25e2ce]46        OGUSER="${1//\'/\\\'}" ;;
[8495409]47esac
[c25e2ce]48[ "$USER" != "root" ] && raiseError access "Need to be root"
[8495409]49[ -w $SERVERCFG ] || raiseError access "Server configuration file"
[afd6b4e]50
51# Update user token.
52if [ "$OGUSER" ]; then
53    APIKEY="$(new_token)"
54    DATA="
55UPDATE usuarios
56   SET apikey='$APIKEY', idusuario=LAST_INSERT_ID(idusuario)
57 WHERE usuario='$OGUSER';
58SELECT LAST_INSERT_ID();
59"
60    [ "$(dbexec "$DATA")" == "0" ] && raiseError notfound "User \"$OGUSER\""
61fi
[8495409]62
63# Update server token.
64if [ "$SERVER" ]; then
65    # Confirm action (server will be restarted).
66    if [ ! "$FORCE" ]; then
67        read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
68        [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
69    fi
[afd6b4e]70    APIKEY="$(new_token)"
[38feca6]71    sed -i "s/\"api_token\": \".*\"/\"api_token\": \"$APIKEY\"/" $SERVERCFG || raiseError access "Cannot update server file"
[8495409]72fi
73
74# Update repository token.
75if [ "$REPO" ]; then
76    [ -w $REPOCFG ] || raiseError access "Repository configuration file"
[afd6b4e]77    APIKEY="$(new_token)"
[dde2db1]78    sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file"
[8495409]79    # If database is local, update it.
80    source $REPOCFG
81    if [ "$ServidorAdm" == "$IPlocal" ]; then
[afd6b4e]82        dbexec "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';"
[dde2db1]83    else
84        echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)."
[8495409]85    fi
86fi
87
88# Restart server, if needed.
89if [ "$SERVER" ]; then
90    restart opengnsys
91fi
92
Note: See TracBrowser for help on using the repository browser.