auth changes

2025-10-02 11:14:43 -04:00
parent b4db0461a0
commit 002302bb52
6 changed files with 29 additions and 9 deletions
--- a/.env.example
+++ b/.env.example
@@ -7,3 +7,8 @@ SITE_URL=https://your-domain.com
 # Generate a secure random string for production
 # You can use: openssl rand -hex 32
 AUTH_SECRET=change-this-secret-in-production
+
+# Admin Credentials
+# Set your admin username and password here
+ADMIN_USERNAME=admin
+ADMIN_PASSWORD=admin123
--- a/README.md
+++ b/README.md
@@ -31,6 +31,8 @@ This application uses environment variables for configuration. These must be set
 |----------|-------------|----------|---------|
 | `SITE_URL` | Public URL where the app is hosted (used for QR codes) | Yes | `https://nlcc.rydertech.us` |
 | `AUTH_SECRET` | Secret key for authentication sessions | Yes | `change-this-secret-in-production` |
+| `ADMIN_USERNAME` | Admin login username | Yes | `admin` |
+| `ADMIN_PASSWORD` | Admin login password | Yes | `admin123` |

 ### Setting Up Environment Variables

@@ -73,6 +75,10 @@ SITE_URL=https://your-domain.com
 # Required: Set a secure authentication secret
 # Generate with: openssl rand -hex 32
 AUTH_SECRET=your-secure-random-secret-here
+
+# Required: Set your admin credentials
+ADMIN_USERNAME=your-admin-username
+ADMIN_PASSWORD=your-secure-password
 ```

 4. Build and run with Docker Compose:
@@ -84,12 +90,15 @@ The application will be available at `http://localhost:3002` (or your configured

 **Important**: The `SITE_URL` must be set correctly for QR codes to work. This should be the public URL where your application is accessible (e.g., `https://church.example.com`).

-### Default Credentials
+### Admin Credentials

+Admin credentials are now configured via environment variables (`ADMIN_USERNAME` and `ADMIN_PASSWORD`). Set these in your `.env` file before building the Docker image.
+
+**Default values** (if not set in `.env`):
 - **Username**: admin
 - **Password**: admin123

-⚠️ **Important**: Change these credentials in production by modifying `server/utils/database.ts`
+⚠️ **Important**: Always change these default credentials in production by setting `ADMIN_USERNAME` and `ADMIN_PASSWORD` in your `.env` file.

 ## Project Structure

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,6 +5,8 @@ services:
      args:
        - SITE_URL=${SITE_URL:-https://nlcc.rydertech.us}
        - AUTH_SECRET=${AUTH_SECRET:-change-this-secret-in-production}
+        - ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
+        - ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin123}
    container_name: nlcc-itinerary
    ports:
      - "3002:3000"
@@ -14,4 +16,6 @@ services:
      - NODE_ENV=production
      - AUTH_SECRET=${AUTH_SECRET:-change-this-secret-in-production}
      - SITE_URL=${SITE_URL:-https://nlcc.rydertech.us}
+      - ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
+      - ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin123}
    restart: unless-stopped
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@@ -28,6 +28,8 @@ export default defineNuxtConfig({

  runtimeConfig: {
    authSecret: process.env.AUTH_SECRET || 'change-this-secret-in-production',
+    adminUsername: process.env.ADMIN_USERNAME || 'admin',
+    adminPassword: process.env.ADMIN_PASSWORD || 'admin123',
    public: {
      siteUrl: process.env.SITE_URL || 'https://newlife-christian.com'
    }
--- a/pages/login.vue
+++ b/pages/login.vue
@@ -58,10 +58,6 @@
          </NuxtLink>
        </div>
      </div>
-
-      <div class="mt-4 text-center text-sm text-gray-600">
-        <p>Default credentials: admin / admin123</p>
-      </div>
    </div>
    
    <Footer />
--- a/server/utils/database.ts
+++ b/server/utils/database.ts
@@ -52,11 +52,15 @@ export function getDatabase() {
      )
    `)
    
-    // Insert default admin user (password: admin123)
+    // Insert default admin user from environment variables
    // In production, this should be hashed properly
-    const userExists = db.prepare('SELECT COUNT(*) as count FROM users WHERE username = ?').get('admin') as { count: number }
+    const config = useRuntimeConfig()
+    const adminUsername = config.adminUsername
+    const adminPassword = config.adminPassword
+    
+    const userExists = db.prepare('SELECT COUNT(*) as count FROM users WHERE username = ?').get(adminUsername) as { count: number }
    if (userExists.count === 0) {
-      db.prepare('INSERT INTO users (username, password) VALUES (?, ?)').run('admin', 'admin123')
+      db.prepare('INSERT INTO users (username, password) VALUES (?, ?)').run(adminUsername, adminPassword)
    }
  }