- Add setupTokens database table with proper schema
- Implement setup token generation on first server startup
- Add token validation endpoint and modify admin creation
- Update initial setup page to require setup token
- Add migration scripts for both SQLite and PostgreSQL
- Add internationalization support for setup token fields
- Implement proper error handling and logging
- Add CLI command for resetting user security keys

This prevents unauthorized access during initial server setup by requiring
a token that is generated and displayed in the server console.

    pangctl reset-user-security-keys --email user@example.com

This command will:

1. Find the user by email address
2. Check if they have any registered security keys
3. Delete all their security keys from the database
4. Provide feedback on the operation

In my issue #1203, I noticed there was a problem when ports 80 and 443 were already in use. This caused the Docker containers to be created but not running.

- server/routers/badger/verifySession.ts: verifyResourceSession() updated code behind "cleanHost" var to a regex which strips the trailing :port for any port (rather than a string match for 80/443)
- src/app/auth/resource/[resourceId]/page.tsx: ResourceAuthPage() added a secondary match for serverResourceHost and redirectHost that accounts for ports
- server/routers/badger/exchangeSession.ts: Updated exchangeSession() to use the same "cleanHost" type var (with port-stripping) as in verifyResourceSession(), replaced references to "host" with "cleanHost"
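
The difference between matching only ports 80/443 and stripping any trailing port, as an added TypeScript example that is not the project's own code. The function names `stripDefaultPorts`, `stripAnyPort` and `sameHost` are hypothetical, the sample hosts are constructed, and the lower-casing and IPv6 handling are assumptions that go beyond what the notes above state.

```typescript
// Added example: hypothetical helpers, not the project's implementation.

// String-match approach: only the default ports 80 and 443 are removed,
// so a host served on any other port keeps its ":port" suffix.
function stripDefaultPorts(host: string): string {
    for (const suffix of [":80", ":443"]) {
        if (host.endsWith(suffix)) {
            return host.slice(0, -suffix.length);
        }
    }
    return host;
}

// Regex approach: remove one trailing ":<digits>" whatever the port is.
function stripAnyPort(host: string): string {
    // Assumption: host names compare case-insensitively.
    const h = host.trim().toLowerCase();

    // Bracketed IPv6 literal, e.g. "[::1]:8443" -> "[::1]".
    const v6 = /^(\[[0-9a-f:.]+\])(?::\d{1,5})?$/.exec(h);
    if (v6) {
        return v6[1];
    }

    // A bare IPv6 address has several colons and no port; leave it alone
    // so its last group is not mistaken for a port number.
    if ((h.match(/:/g) || []).length > 1) {
        return h;
    }

    // Anchored at the end so only a real trailing port is removed.
    return h.replace(/:\d{1,5}$/, "");
}

// Compare the request host with the configured resource host, ignoring ports.
// The comparison stays an exact match on the remaining name, so a longer
// look-alike name does not pass.
function sameHost(requestHost: string, resourceHost: string): boolean {
    return stripAnyPort(requestHost) === stripAnyPort(resourceHost);
}
```
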