Allow to set the initial super admin username / password in server config file. Ref #1857

2024-11-12 19:38:57 +00:00 · 2021-05-16 20:01:05 +09:30 · 2021-05-16 20:01:05 +09:30 · f416d64042
commit f416d64042
parent fffbb08a8e
3 changed files with 17 additions and 3 deletions
--- a/conf/gns3_server.conf
+++ b/conf/gns3_server.conf
@ -64,6 +64,14 @@ user = gns3
 ; Password for HTTP authentication.
 password = gns3

+; Initial default super admin username
+; It cannot be changed once the server has started once
+default_admin_username = "admin"
+
+; Initial default super admin username
+; It cannot be changed once the server has started once
+default_admin_password = "admin"
+
 ; Only allow these interfaces to be used by GNS3, for the Cloud node for example (Linux/OSX only)
 ; Do not forget to allow virbr0 in order for the NAT node to work
 allowed_interfaces = eth0,eth1,virbr0
--- a/gns3server/db/models/users.py
+++ b/gns3server/db/models/users.py
@ -19,6 +19,7 @@ from sqlalchemy import Table, Boolean, Column, String, ForeignKey, event
 from sqlalchemy.orm import relationship

 from .base import Base, BaseTable, generate_uuid, GUID
+from gns3server.config import Config
 from gns3server.services import auth_service

 import logging
@ -50,9 +51,12 @@ class User(BaseTable):
@event.listens_for(User.__table__, 'after_create')
 def create_default_super_admin(target, connection, **kw):

-    hashed_password = auth_service.hash_password("admin")
+    config = Config.instance().settings
+    default_admin_username = config.Server.default_admin_username
+    default_admin_password = config.Server.default_admin_password.get_secret_value()
+    hashed_password = auth_service.hash_password(default_admin_password)
    stmt = target.insert().values(
-        username="admin",
+        username=default_admin_username,
        full_name="Super Administrator",
        hashed_password=hashed_password,
        is_superadmin=True
@ -96,7 +100,7 @@ def add_admin_to_group(target, connection, **kw):
    user_group_id = result.first().user_group_id

    users_table = User.__table__
-    stmt = users_table.select().where(users_table.c.username == "admin")
+    stmt = users_table.select().where(users_table.c.is_superadmin.is_(True))
    result = connection.execute(stmt)
    user_id = result.first().user_id

--- a/gns3server/schemas/config.py
+++ b/gns3server/schemas/config.py
@ -134,6 +134,8 @@ class ServerSettings(BaseModel):
    user: str = None
    password: SecretStr = None
    enable_http_auth: bool = False
+    default_admin_username: str = "admin"
+    default_admin_password: SecretStr = SecretStr("admin")
    allowed_interfaces: List[str] = Field(default_factory=list)
    default_nat_interface: str = None
    allow_remote_console: bool = False