feat: add config flag to hash-password tool (#2047)
This change implements a --config flag for the hash-password which parses the config and validates it just as it would at run-time. The values specified in the config replace those specified as parameters. * feat(cmd): add config flag to hash-password tool * fix(cmd): fix linting issue Closes: #1709.pull/2380/head
parent
69f37d4161
commit
a88c5588e8
|
@ -69,7 +69,7 @@ resetting their passwords.
|
||||||
### path
|
### path
|
||||||
<div markdown="1">
|
<div markdown="1">
|
||||||
type: string (path)
|
type: string (path)
|
||||||
{: .label .label-config .label-purple }
|
{: .label .label-config .label-purple }
|
||||||
required: yes
|
required: yes
|
||||||
{: .label .label-config .label-red }
|
{: .label .label-config .label-red }
|
||||||
</div>
|
</div>
|
||||||
|
@ -80,7 +80,7 @@ required: yes
|
||||||
#### algorithm
|
#### algorithm
|
||||||
<div markdown="1">
|
<div markdown="1">
|
||||||
type: string
|
type: string
|
||||||
{: .label .label-config .label-purple }
|
{: .label .label-config .label-purple }
|
||||||
default: argon2id
|
default: argon2id
|
||||||
{: .label .label-config .label-blue }
|
{: .label .label-config .label-blue }
|
||||||
required: no
|
required: no
|
||||||
|
@ -108,7 +108,7 @@ When using `sha512` the minimum is 1000, and 50000 is the recommended value.
|
||||||
#### salt_length
|
#### salt_length
|
||||||
<div markdown="1">
|
<div markdown="1">
|
||||||
type: integer
|
type: integer
|
||||||
{: .label .label-config .label-purple }
|
{: .label .label-config .label-purple }
|
||||||
default: 16
|
default: 16
|
||||||
{: .label .label-config .label-blue }
|
{: .label .label-config .label-blue }
|
||||||
required: no
|
required: no
|
||||||
|
@ -122,7 +122,7 @@ and there is no documented reason why you'd set it to anything other than this,
|
||||||
#### parallelism
|
#### parallelism
|
||||||
<div markdown="1">
|
<div markdown="1">
|
||||||
type: integer
|
type: integer
|
||||||
{: .label .label-config .label-purple }
|
{: .label .label-config .label-purple }
|
||||||
default: 8
|
default: 8
|
||||||
{: .label .label-config .label-blue }
|
{: .label .label-config .label-blue }
|
||||||
required: no
|
required: no
|
||||||
|
@ -158,6 +158,8 @@ For instance to generate a hash with the docker image just run:
|
||||||
$ docker run authelia/authelia:latest authelia hash-password 'yourpassword'
|
$ docker run authelia/authelia:latest authelia hash-password 'yourpassword'
|
||||||
Password hash: $argon2id$v=19$m=65536$3oc26byQuSkQqksq$zM1QiTvVPrMfV6BVLs2t4gM+af5IN7euO0VB6+Q8ZFs
|
Password hash: $argon2id$v=19$m=65536$3oc26byQuSkQqksq$zM1QiTvVPrMfV6BVLs2t4gM+af5IN7euO0VB6+Q8ZFs
|
||||||
|
|
||||||
|
You may also use the `--config` flag to point to your existing configuration. When used, the values defined in the config will be used instead.
|
||||||
|
|
||||||
Full CLI Help Documentation:
|
Full CLI Help Documentation:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
@ -7,6 +7,7 @@ import (
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
|
||||||
"github.com/authelia/authelia/v4/internal/authentication"
|
"github.com/authelia/authelia/v4/internal/authentication"
|
||||||
|
"github.com/authelia/authelia/v4/internal/configuration"
|
||||||
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
"github.com/authelia/authelia/v4/internal/configuration/schema"
|
||||||
"github.com/authelia/authelia/v4/internal/logging"
|
"github.com/authelia/authelia/v4/internal/logging"
|
||||||
)
|
)
|
||||||
|
@ -27,11 +28,14 @@ func NewHashPasswordCmd() (cmd *cobra.Command) {
|
||||||
cmd.Flags().IntP("parallelism", "p", schema.DefaultPasswordConfiguration.Parallelism, "[argon2id] set the parallelism param")
|
cmd.Flags().IntP("parallelism", "p", schema.DefaultPasswordConfiguration.Parallelism, "[argon2id] set the parallelism param")
|
||||||
cmd.Flags().IntP("key-length", "k", schema.DefaultPasswordConfiguration.KeyLength, "[argon2id] set the key length param")
|
cmd.Flags().IntP("key-length", "k", schema.DefaultPasswordConfiguration.KeyLength, "[argon2id] set the key length param")
|
||||||
cmd.Flags().IntP("salt-length", "l", schema.DefaultPasswordConfiguration.SaltLength, "set the auto-generated salt length")
|
cmd.Flags().IntP("salt-length", "l", schema.DefaultPasswordConfiguration.SaltLength, "set the auto-generated salt length")
|
||||||
|
cmd.Flags().StringSliceP("config", "c", []string{}, "Configuration files")
|
||||||
|
|
||||||
return cmd
|
return cmd
|
||||||
}
|
}
|
||||||
|
|
||||||
func cmdHashPasswordRun(cmd *cobra.Command, args []string) {
|
func cmdHashPasswordRun(cmd *cobra.Command, args []string) {
|
||||||
|
logger := logging.Logger()
|
||||||
|
|
||||||
sha512, _ := cmd.Flags().GetBool("sha512")
|
sha512, _ := cmd.Flags().GetBool("sha512")
|
||||||
iterations, _ := cmd.Flags().GetInt("iterations")
|
iterations, _ := cmd.Flags().GetInt("iterations")
|
||||||
salt, _ := cmd.Flags().GetString("salt")
|
salt, _ := cmd.Flags().GetString("salt")
|
||||||
|
@ -39,6 +43,25 @@ func cmdHashPasswordRun(cmd *cobra.Command, args []string) {
|
||||||
saltLength, _ := cmd.Flags().GetInt("salt-length")
|
saltLength, _ := cmd.Flags().GetInt("salt-length")
|
||||||
memory, _ := cmd.Flags().GetInt("memory")
|
memory, _ := cmd.Flags().GetInt("memory")
|
||||||
parallelism, _ := cmd.Flags().GetInt("parallelism")
|
parallelism, _ := cmd.Flags().GetInt("parallelism")
|
||||||
|
configs, _ := cmd.Flags().GetStringSlice("config")
|
||||||
|
|
||||||
|
if len(configs) > 0 {
|
||||||
|
val := schema.NewStructValidator()
|
||||||
|
|
||||||
|
_, config, err := configuration.Load(val, configuration.NewDefaultSources(configs, configuration.DefaultEnvPrefix, configuration.DefaultEnvDelimiter)...)
|
||||||
|
if err != nil {
|
||||||
|
logger.Fatalf("Error occurred loading configuration: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.AuthenticationBackend.File != nil && config.AuthenticationBackend.File.Password != nil {
|
||||||
|
sha512 = config.AuthenticationBackend.File.Password.Algorithm == "sha512"
|
||||||
|
iterations = config.AuthenticationBackend.File.Password.Iterations
|
||||||
|
keyLength = config.AuthenticationBackend.File.Password.KeyLength
|
||||||
|
saltLength = config.AuthenticationBackend.File.Password.SaltLength
|
||||||
|
memory = config.AuthenticationBackend.File.Password.Memory
|
||||||
|
parallelism = config.AuthenticationBackend.File.Password.Parallelism
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
hash string
|
hash string
|
||||||
|
|
Loading…
Reference in New Issue