33 lines
773 B
Go
33 lines
773 B
Go
package auth
|
|
|
|
import (
|
|
"log"
|
|
|
|
"trade/web/internal/store"
|
|
)
|
|
|
|
// Bootstrap 在 auth.db 没有任何 admin 时,从 ADMIN_USER/ADMIN_PASS 写入一条管理员;
|
|
// 已存在 admin 时静默跳过,避免轮换 env 时静默改密。
|
|
func Bootstrap(s *store.AuthStore, adminUser, adminPass string) error {
|
|
n, err := s.CountAdmins()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if n > 0 {
|
|
return nil
|
|
}
|
|
if adminUser == "" || adminPass == "" {
|
|
log.Printf("[bootstrap] auth.db 无 admin,但 ADMIN_USER/ADMIN_PASS 未设置,跳过引导")
|
|
return nil
|
|
}
|
|
hash, err := HashPassword(adminPass)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if _, err := s.CreateUser(adminUser, hash, store.RoleAdmin); err != nil {
|
|
return err
|
|
}
|
|
log.Printf("[bootstrap] admin %q created", adminUser)
|
|
return nil
|
|
}
|