Add a random admin password in config.toml generated with --new.

knadh · Dec 18, 2021 · fe9e284 · fe9e284
1 parent 232be45
commit fe9e284
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 2 deletions.
diff --git a/cmd/dictpress/init.go b/cmd/dictpress/init.go
@@ -1,13 +1,17 @@
 package main
 
 import (
+	"bytes"
+	"crypto/rand"
 	"errors"
 	"fmt"
 	"html/template"
 	"io/ioutil"
+	mrand "math/rand"
 	"net/http"
 	"os"
 	"path/filepath"
+	"unicode"
 
 	"github.com/jmoiron/sqlx"
 	"github.com/knadh/dictpress/internal/data"
@@ -208,6 +212,19 @@ func generateNewFiles() error {
 		return fmt.Errorf("error reading sample config (is binary stuffed?): %v", err)
 	}
 
+	// Inject a random password.
+	p := make([]byte, 12)
+	rand.Read(p)
+	pwd := []byte(fmt.Sprintf("%x", p))
+
+	for i, c := range pwd {
+		if mrand.Intn(4) == 1 {
+			pwd[i] = byte(unicode.ToUpper(rune(c)))
+		}
+	}
+
+	b = bytes.Replace(b, []byte("dictpress_admin_password"), pwd, -1)
+
 	if err := ioutil.WriteFile("config.toml", b, 0644); err != nil {
 		return err
 	}

diff --git a/config.sample.toml b/config.sample.toml
@@ -16,8 +16,8 @@ root_url = "http://localhost:9000"
 enable_pages = false
 
 # Admin dashboard and API credentials.
-admin_username = "your-user-name-min-6-chars"
-admin_password = "use-a-long-password-min-8-chars"
+admin_username = "dictpress"
+admin_password = "dictpress_admin_password"
 
 
 [results]