source: server/bin/settoken @ 5d05b06

Last change on this file since 5d05b06 was 63b3fbf, checked in by Irina Gómez <irinagomez@…>, 4 years ago

#988 Fix settoken json handling
source_json_config loads config values.
  • Property mode set to 100755
File size: 2.9 KB
RevLine 
[8495409]1#!/bin/bash
2
3#/**
4#@file    settoken
[afd6b4e]5#@brief   Generate a new security token for the specified service or user.
6#@usage   settoken [[-f] [Service]] | User
[c25e2ce]7#@param   -f         force server restart without prompting (ask by default)
8#@param   Service    may be "server", "repo" or "services" (for all services, by default)
9#@param   User       OpenGnsys-defined username
[8495409]10#@warning This script uses "php" command.
[e020339]11#@version 1.1.1 - Initial version.
[8495409]12#@author  Ramón M. Gómez - ETSII Univ. Sevilla
13#@date    2019-09-25
14#*/ ##
15
[c25e2ce]16# Global constants.
17OPENGNSYS=${OPENGNSYS:-"/opt/opengnsys"}
[38feca6]18SERVERCFG=$OPENGNSYS/etc/ogserver.json
[8495409]19REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg
20
21# Functions.
[afd6b4e]22source $OPENGNSYS/lib/ogfunctions.sh || exit 1
23
24function new_token() {
25    php -r 'echo md5(uniqid(rand(), true));'
26}
[8495409]27
28# Error control.
29if [ "$1" == "-f" ]; then
30    FORCE=1
31    shift
32fi
33[ $# -gt 1 ] && raiseError usage
34case "${1,,}" in
[c25e2ce]35    help)           # Show help.
[8495409]36        help ;;
[c25e2ce]37    version)        # Show version number.
38        version ;;
[afd6b4e]39    server)         # Generate server token.
[8495409]40        SERVER=1 ;;
[afd6b4e]41    repo)           # Generate repository token.
[8495409]42        REPO=1 ;;
[afd6b4e]43    ""|services)    # Generate server and repo tokens.
[8495409]44        SERVER=1; REPO=1 ;;
[afd6b4e]45    *)              # Generate user token.
[c25e2ce]46        OGUSER="${1//\'/\\\'}" ;;
[8495409]47esac
[c25e2ce]48[ "$USER" != "root" ] && raiseError access "Need to be root"
[8495409]49[ -w $SERVERCFG ] || raiseError access "Server configuration file"
[63b3fbf]50source_json_config $SERVERCFG
[afd6b4e]51
52# Update user token.
53if [ "$OGUSER" ]; then
54    APIKEY="$(new_token)"
55    DATA="
56UPDATE usuarios
57   SET apikey='$APIKEY', idusuario=LAST_INSERT_ID(idusuario)
58 WHERE usuario='$OGUSER';
59SELECT LAST_INSERT_ID();
60"
61    [ "$(dbexec "$DATA")" == "0" ] && raiseError notfound "User \"$OGUSER\""
62fi
[8495409]63
64# Update server token.
65if [ "$SERVER" ]; then
66    # Confirm action (server will be restarted).
67    if [ ! "$FORCE" ]; then
68        read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
69        [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
70    fi
[afd6b4e]71    APIKEY="$(new_token)"
[38feca6]72    sed -i "s/\"api_token\": \".*\"/\"api_token\": \"$APIKEY\"/" $SERVERCFG || raiseError access "Cannot update server file"
[8495409]73fi
74
75# Update repository token.
76if [ "$REPO" ]; then
77    [ -w $REPOCFG ] || raiseError access "Repository configuration file"
[afd6b4e]78    APIKEY="$(new_token)"
[dde2db1]79    sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file"
[8495409]80    # If database is local, update it.
81    source $REPOCFG
82    if [ "$ServidorAdm" == "$IPlocal" ]; then
[afd6b4e]83        dbexec "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';"
[dde2db1]84    else
85        echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)."
[8495409]86    fi
87fi
88
89# Restart server, if needed.
90if [ "$SERVER" ]; then
91    restart opengnsys
92fi
93
Note: See TracBrowser for help on using the repository browser.