Change Password at login and script

[itiloo]

Hi Rejetto:

First of all, congratulations on the piece of project you have worked on. Thank you very much in advance.
My objective of setting up hfs is to give a repository to users for file exchange and your application is perfect but I have 2 basic questions for my project.
1.-Is it possible to activate any option for the user so that the first login requires them to change their password?
2.-I have the idea of making a script that automatically creates users by modifying the config.yaml file and I have a question about how to generate the srp password. For example, if I want to assign a password that is "test", how can I encode that test password and generate its fingerprint and convert it to srp so I can put it by hand in the config.yaml file?

Thank you very much for the help and your piece of work.

[rejetto]

welcome itiloo,

1. that's not available at the moment but it sounds like an interesting feature
2. you don't need to encode it yourself. If you read config.md you'll see that you can store a clear-text password, and it will be automatically encoded by HFS. If you have to make an automatic script, your best option may not be to modify config.yaml but to call http 'add_account'. You can see it with its parameters in developer-console of your browser when it used by the admin-panel. If you call it from localhost, you won't even need to authenticate.

[itiloo]

Thank you so much for your fast answer Rejetto.

Is there any tool or way that we can manually register users with a bash script or similar that modifies the config.yaml manually? We know the yq tool to edit it but we are a little lost with it.

Thank you very much again.

[rejetto]

making http requests from a bash script is very possible, you can use "curl" for example.
did you get my suggestion about the developer-console?
This is working for me:
curl http://localhost/~/api/add_account -H 'content-type: application/json' -H 'x-hfs-anti-csrf: 1' --data-raw '{"username":"user1", "password":"pass1"}'

also, have a look at /~https://github.com/rejetto/hfs/wiki/APIs

[itiloo]

The answer from server es 200 OK, but it doesn't add the data to the config.yaml

EDIT: I just saw that if I do the curl 2 times it works. ?

[rejetto]

there is a bug and the config file is not saved, but internally the account was added.
if you touch some option, so that config is saved, then you will see the account in the file.
i already fixed this bug, and will publish an update soon.

[itiloo]

Perfect Rejetto.

It seems that it only happens in the add_acount, in the del_account that does not happen.

[rejetto]

i want to give you a version with the fix, so you can confirm that is ok for you.
can you tell me what OS are you running HFS on, or are running it with npx?

[itiloo]

Red Hat 8.8

[rejetto]

0.52.2-rc1 for linux
this fixes the bug.
Please confirm that this is good for you.

One quick way to update (when you are not running as a service) is to right-click on the "check for updates" button, and paste the link above.

[itiloo]

The curl to add users now works perfectly!!!. Thank you very much Rejetto. I have made a donation for your great work and help.

[rejetto]

cool, thanks

[rejetto]

also, i'm trying this service to document APIs
https://hfs-3.apidog.io/api-6834324

[itiloo]

Perfect

[itiloo]

Hi Rejetto:

In version 0.52.2 RC 1 It seems that everything was going well about "add_account" with curl, but I upgrade to 0.52.2 published and now:

curl -s http://localhost/~/api/add_account -H 'content-type: application/json' -H 'x-hfs-anti-csrf: 1' --data-raw '{"username":"david","password":"david","disable_password_change":"true","expire":"2024-04-24","redirect":"/"}'

It creates the user and is visible in the config.yaml file, but the user cannot access the frontend, but if I restart the hfs service, they can access it.

[rejetto]

i see, i'll fix this asap

[itiloo]

Ok, I downgrade to rc1 for now.

Thanks.

[itiloo]

I just saw that the same thing happens in the rc1 version.

[rejetto]

i expected that.
Reviewing my previous fix it didn't seem effective to me respective to this problem, but i had to work on it again nonetheless, so i didn't mention it.

[itiloo]

Ok, I hope to do my user registration script then. Thank you very much Rejetto.

[rejetto]

with a bit of luck i'll have the fix ready later today

[rejetto]

just a side comment: these problems have never affected the admin-panel because it's using a different api to set the password.
But I decided now to introduce support for "password" field directly in add_account because it's much convenient.

[rejetto]

ok, this should fix it.
0.52.3-beta3 /~https://github.com/rejetto/hfs/files/15077857/hfs-linux.zip

what happens now is that also add_account will trigger the encryption of the password.
sorry for the troubles, and a feedback would be appreciated.

[itiloo]

Thank you so much for your help Rejetto. Of course, I will report you in a moment.

[itiloo]

At the moment it works fine without having to restart the service. I continue doing tests and I will inform you, Rejetto. Thanks again.

[itiloo]

For not creating another new thread.
Is it possible to restrict uploads to certain file extensions or deny certain extensions??, for example (.exe .bat .js)
Thanks and sorry for being so annoying

[rejetto]

creating a new thread is a good idea, it's free and keeps things in order, so next time don't hold yourself.

where you configured the upload permissions you also have this field

[itiloo]

Ok, sorry for that.
I understand that this field is to put the extensions one after another of accepted extensions, right? Would it be possible to add extensions that are not accepted? Just to know. Thank you.

[rejetto]

not exactly, as that feature is actually offered by the browser, that doesn't support that.
By letting the browser do the job, it forces the user to pick the right file.
The only way to get the opposite effect would be to allow everything, and after the selection is done, to reject the choice of the user.