Merge pull request #23 from Ruby-Network/db

Add multi user auth (private mode only)

Author: MotorTruck1221

Gemfile

@@ -14,6 +14,12 @@ gem 'rack_csrf'
 gem 'dry-schema'
 gem 'dry-validation'
 gem 'yaml'
+gem 'sequel'
+gem 'pg'
+gem 'bcrypt'
+gem 'thor'
+gem 'readline'
+gem 'readline-ext'
 gem "rack-reverse-proxy", require: "rack/reverse_proxy"
 group :development, :test do
   gem "rerun"

cli/cli.rb

@@ -0,0 +1,108 @@
+require 'thor'
+require 'colorize'
+require 'sequel'
+require 'bcrypt'
+require 'readline'
+require 'yaml'
+require_relative '../ruby/db.rb'
+
+settings = YAML.load_file(File.join(File.dirname(__FILE__), '../config/settings.yml'))
+$host = ENV['DB_HOST'] || settings['database']['host'].to_s 
+$user = ENV['DB_USERNAME'] || settings['database']['username'].to_s
+$password = ENV['DB_PASSWORD'] || settings['database']['password'].to_s
+$database = ENV['DB_DATABASE'] || settings['database']['dbname'].to_s
+
+class RubyCLI < Thor
+  desc "create", "Create a new user"
+  def create
+    puts "Creating a new user...".red
+    username = Readline.readline("Username: ", true)
+    username = username.gsub(/[^0-9A-Za-z]/, '')
+    username = username.downcase
+    while true
+      password = Readline.readline("Password: ", true)
+      passwordConfirm = Readline.readline("Retype password: ", true)
+      if password != passwordConfirm
+        puts "\e[H\e[2J"
+        puts "Passwords do not match! Try again.".red
+      else
+        break
+      end
+    end
+
+    db = connectDB($host, $user, $password, $database)
+    hashedPassword = BCrypt::Password.create(password)
+    if db[:users].where(username: username).count > 0
+      puts "User already exists!".red
+      db.disconnect
+      exit 
+    else
+      db[:users].insert(username: username, password: hashedPassword, admin: false)
+      puts "User created!".blue
+      db.disconnect
+    end
+
+  end
+  desc "delete", "Delete a user"
+  def delete
+    puts "Deleting a user...".red
+    username = Readline.readline("Username: ", true)
+    username = username.gsub(/[^0-9A-Za-z]/, '')
+    username = username.downcase
+    db = connectDB($host, $user, $password, $database)
+    while true
+      usernameConfirm = Readline.readline("Are you sure you want to delete #{username}? (y/n): ", true).downcase
+      if usernameConfirm == "y" || usernameConfirm == "yes"
+        if db[:users].where(username: username).count > 0
+          db[:users].where(username: username).delete
+          puts "User deleted!".blue
+          db.disconnect
+        else 
+          puts "User does not exist! (use the list command to see all users)".red
+          db.disconnect
+        end
+        exit
+      elsif usernameConfirm == "n" || usernameConfirm == "no"
+        puts "Ok, exiting...".blue
+        db.disconnect
+        exit
+      end
+    end
+  end
+  desc "list", "List all users"
+  def list
+    db = connectDB($host, $user, $password, $database)
+    puts "Listing all users...".red
+    users = db[:users]
+    users.each{|user| puts user[:username]}
+  end
+  desc "reset", "Reset a user's password"
+  def reset
+    puts "Resetting a user's password...".red
+    username = Readline.readline("Username: ", true)
+    username = username.gsub(/[^0-9A-Za-z]/, '')
+    username = username.downcase
+    db = connectDB($host, $user, $password, $database)
+    if db[:users].where(username: username).count > 0
+      while true
+        password = Readline.readline("New Password: ", true)
+        passwordConfirm = Readline.readline("Retype new password: ", true)
+        if password != passwordConfirm
+          puts "\e[H\e[2J"
+          puts "Passwords do not match! Try again.".red
+        else
+          break
+        end
+      end
+      hashedPassword = BCrypt::Password.create(password)
+      db[:users].where(username: username).update(password: hashedPassword)
+      puts "Password reset!".blue
+      db.disconnect
+    else 
+      puts "User does not exist! (use the list command to see all users)".red
+      db.disconnect
+    end
+  end
+end
+
+RubyCLI.start(ARGV)

config/settings.example.yml

@@ -1,6 +1,18 @@
-port: 9293
-verboseLogging: "false"
-private: "false"
-username: "ruby"
-password: "ruby"
-mainURL: "http://localhost:3000/browser/"
+port: 9293 #currently does nothing, but will be used in the future
+verboseLogging: "false" #change this to "true" to enable verbose logging
+private: "false" #change this to "true" to enable private mode
+username: "ruby" #change this to your username (when using private mode)
+password: "ruby" #change this to your password (when using private mode)
+
+# Everything below this line is optional is some form or another
+mainURL: "https://localhost:9293/" # set to a URL to redirect to when the user visits the root of the server (e.g. http://example.com/) WILL be ignored when private mode is enabled
+multiuser: "true" # set to true to enable multiuser mode when using private mode (if not using private mode, this will be ignored)
+
+# Database Settings Only Needed When Using Multiuser Mode is Enabled
+# These are ignored when multiuser mode is not enabled
+# NOTE: when using docker these values should not be changed
+database:
+  username: "ruby" # change this to your database username
+  password: "ruby" # change this to your database password
+  host: "db" # change this to your database host
+  dbname: "ruby" # change this to your database name

docker/docker-compose.build.yml

@@ -10,7 +10,21 @@ services:
       - your port here:9293
     volumes:
       - ./config.yml:/usr/src/app/config/settings.yml
-#networks:
-#  default:
-#    external:
-#      name: default_net
+  #
+  # Uncomment the following lines if you want to use a database (mutliuser mode)
+  #db:
+  #  image: postgres
+  #  restart: unless-stopped
+  #  environment:
+  #    POSTGRES_PASSWORD: ruby
+  #    POSTGRES_USER: ruby
+  #    POSTGRES_DB: ruby
+  # volumes:
+  #   - ./db:/var/lib/postgresql/data
+  
+  # Uncomment the following lines if you want to use adminer (database management)
+  #adminer:
+  #  image: adminer
+  #  restart: unless-stopped
+  #  ports:
+  #    - 8099:8080

docker/docker-compose.yml

@@ -1,14 +1,29 @@
-version: '2'
+version: '3'
 services:
   ruby:
     restart: unless-stopped
-    image: 'ghcr.io/ruby-network/ruby:latest'
+    image: 'motortruck1221/ruby:latest'
     ports:
       #DO NOT CHANGE 9293!
-      - 9293:9293
+      - your port here:9293
     volumes:
       - ./config.yml:/usr/src/app/config/settings.yml
-#networks:
-  #  default:
-  #    external:
-  #      name: default_net
+
+ #
+  # Uncomment the following lines if you want to use a database (mutliuser mode)
+  #db:
+  #  image: postgres
+  #  restart: unless-stopped
+  #  environment:
+  #    POSTGRES_PASSWORD: ruby
+  #    POSTGRES_USER: ruby
+  #    POSTGRES_DB: ruby
+  #  volumes:
+  #    - ./db:/var/lib/postgresql/data
+  
+  # Uncomment the following lines if you want to use adminer (database management)
+  #adminer:
+  #  image: adminer
+  #  restart: unless-stopped
+  #  ports:
+  #    - 8099:8080

docs/README.md

@@ -11,7 +11,8 @@
 ## Getting Started
 - Local setup (no docker) [here](./terminal.md)
 - Local setup (with docker)(*recommended*) [here](./docker.md)
-- Private instance setup [here](./private.md) (both docker and non-docker)
+- Private instance setup [here](./private.md) (both docker and non-docker, including multiuser)
+- CLI commands for multiuser mode [here](./multiuser.md)
 - Ruby and Bundler installation [here](./install-ruby.md)
 - Docker Installation [here](./docker-install.md)
 

docs/advanced-config.md

@@ -3,20 +3,28 @@
 ##### This provides a list of all the configuration options available to you.
 ##### The config file can be found [here](../config/settings.example.yml)
 
-`port` -  The port the Ruby server will run on. Default is `9293`
+- `port` -  The port the Ruby server will run on. Default is `9293` (does not currently work)
 
-`verboseLogging` - Whether or not to log all requests to the console. Default is `false`
+- `verboseLogging` - Whether or not to log all requests to the console. Default is `false`
 
-`private` - Whether or not to enable private mode. Default is `false`
+- `private` - Whether or not to enable private mode. Default is `false`
 
-`username` - The username for use in either, private instances. If it is a normal instance, username will always be `ruby`
+- `username` - The username for use in either, private instances. If it is a normal instance, username will always be `ruby`
 
-`password` - The password for use in either, private instances. If it is a normal instance, password will always be `ruby`
+- `password` - The password for use in either, private instances. If it is a normal instance, password will always be `ruby`
 
-`mainUrl` - The main URL for use in a normal instance. If you are trying to make a private instance set this value to `NA`
+- `mainUrl` - The main URL for use in a normal instance. If you are trying to make a private instance set this value to anything or delete it.
+
+- `multiuser` - Whether or not to enable multiuser mode. Default is `false` **ONLY WORKS IN PRIVATE MODE**
+
+- `database` - A set of options for the database connection. **ONLY WORKS IN PRIVATE MODE AND MULTIUSER IS ENABLED, CURRENTLY ONLY SUPPORTS POSTGRESQL**
+    - `host` - The host of the database. Default is `localhost`
+    - `dbName` - The name of the database. Default is `ruby`
+    - `username` - The username for the database. Default is `ruby`
+    - `password` - The password for the database. Default is `ruby`
 
 ---
 #### Options coming soon:
-`port` - Will be switched to `rubyPort` and will be the port the Ruby server will run on. Default is `9292`
+- `port` - Will be switched to `rubyPort` and will be the port the Ruby server will run on. Default is `9292`
 
-`nodePort` - Will be the port the Node server will run on. Default is `9293`
+- `nodePort` - Will be the port the Node server will run on. Default is `9293`

docs/docker.md

@@ -31,20 +31,35 @@
 
     Or just copy this config:
     ```yml
-    version: '2'
+    version: "3"
     services:
-    ruby:
-      restart: unless-stopped
-      image: 'ghcr.io/ruby-network/ruby'
-      ports:
-        #DO NOT CHANGE 9293!
-        - your port here:9293
-      volumes:
-        - ./config.yml:/usr/src/app/config/settings.yml
-   #networks:
-    #  default:
-    #    external:
-    #      name: default_net
+      ruby:
+        image: 'motortruck1221/ruby:latest'
+        container_name: ruby
+        restart: unless-stopped
+        ports:
+          # DO NOT CHANGE 9293
+          - "your port here:9293"
+        volumes:
+          - ./config.yml:/usr/src/app/config/settings.yml
+      
+      # Uncomment the following lines if you want to use a database (multiuser mode)
+      #db:
+      #  image: postgres
+      #  restart: unless-stopped
+      #  environment:
+      #    POSTGRES_PASSWORD: ruby
+      #    POSTGRES_USER: ruby
+      #    POSTGRES_DB: ruby 
+      #  volumes:
+      #    - ./db:/var/lib/postgresql/data
+      
+      # Uncomment the following lines if you want to use adminer (database management)
+      #adminer:
+      #  image: adminer
+      #  restart: unless-stopped
+      #  ports:
+      #    - 8099:8080
     ```
 2. Download our settings.example.yml file [here](https://github.com/ruby-network/ruby/tree/main/config/settings.example.yml)
 

docs/multiuser.md

@@ -0,0 +1,25 @@
+# Multiuser mode
+
+## Prerequisites
+- A setup private instance of Ruby (using Docker Compose, or standalone) with multiuser mode enabled (see [here](./private.md#docker-multiuser) for more info)
+
+---
+
+## How to execute commands
+
+There are two ways to execute the CLI, either using `yarn cli` or `bundler exec ruby ./cli/cli.rb`
+
+This tutorial will use `yarn cli` as it is easier to type
+
+## Commands
+
+- `yarn cli` is the command to execute the CLI 
+- `yarn cli help [command]` to get help with a command 
+- `yarn cli create` - Create a new user
+- `yarn cli delete` - Delete a user
+- `yarn cli list` - List all users
+- `yarn cli reset` - Reset a users password
+
+## How to use in Docker Compose
+
+- `docker-compose exec ruby yarn cli [command]` - where `[command]` is one of the commands listed above