summaryrefslogtreecommitdiffstats
path: root/server/bin/settoken
blob: 36f65f358fc5bf5f3960c4b4f822c85c34551b88 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash

#/**
#@file    settoken
#@brief   Generate a new security token for the specified service.
#@usage   settoken [-f] [Service]
#@param   -f: force server restart without prompting (ask by default)
#@param   Service: may be "server", "repo" or "both" (by default)
#@warning This script uses "php" command.
#@version 1.1.1 - Initial version.
#@author  Ramón M. Gómez - ETSII Univ. Sevilla
#@date    2019-09-25
#*/ ##

# Global constants definition.
PROG=$(basename "$(realpath "$0")")                     # Program name.
OPENGNSYS=/opt/opengnsys                                # OpenGnsys main directory.
SERVERCFG=$OPENGNSYS/etc/ogAdmServer.cfg                # Configuration files.
REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg

# Functions.
source $OPENGNSYS/lib/ogfunctions.sh

# Error control.
[ "$USER" != "root" ] && raiseError access "Need to be root"
if [ "$1" == "-f" ]; then
    FORCE=1
    shift
fi
[ $# -gt 1 ] && raiseError usage
case "${1,,}" in
    help)
        help ;;
    server)
        SERVER=1 ;;
    repo)
        REPO=1 ;;
    ""|both)
        SERVER=1; REPO=1 ;;
    *)
      	raiseError notfound "Unknown service"
esac
[ -w $SERVERCFG ] || raiseError access "Server configuration file"

# Update server token.
if [ "$SERVER" ]; then
    # Confirm action (server will be restarted).
    if [ ! "$FORCE" ]; then
        read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER
        [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated"
    fi
    APIKEY=$(php -r 'echo md5(uniqid(rand(), true));')
    sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$APIKEY" $SERVERCFG || raiseError access "Cannot update server file"
fi

# Update repository token.
if [ "$REPO" ]; then
    [ -w $REPOCFG ] || raiseError access "Repository configuration file"
    APIKEY=$(php -r 'echo md5(uniqid(rand(), true));')
    sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file"
    # If database is local, update it.
    source $SERVERCFG
    source $REPOCFG
    if [ "$ServidorAdm" == "$IPlocal" ]; then
        MYCNF=$(mktemp)
        trap "rm -f $MYCNF" 0 1 2 3 6 9 15
        chmod 600 $MYCNF
        cat << EOT > $MYCNF
[client]
user=$USUARIO
password=$PASSWORD
host=$datasource
EOT
        mysql --defaults-extra-file="$MYCNF" --default-character-set=utf8 -D "$CATALOG" -e \
            "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';" || raiseError access  "Database error"
    else
        echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)."
    fi
fi

# Restart server, if needed.
if [ "$SERVER" ]; then
    restart opengnsys
fi