Allow root user credentials configuration (#710)

server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "server"
-version = "0.2.2"
+version = "0.2.3"
 edition = "2021"
 build = "src/build.rs"
 

server/src/streaming/systems/streams.rs

@@ -297,6 +297,7 @@ mod tests {
     use crate::configs::system::SystemConfig;
     use crate::streaming::storage::tests::get_test_system_storage;
     use crate::streaming::users::user::User;
+    use iggy::users::defaults::{DEFAULT_ROOT_PASSWORD, DEFAULT_ROOT_USERNAME};
     use std::{
         net::{Ipv4Addr, SocketAddr},
         sync::Arc,
@@ -310,7 +311,7 @@ mod tests {
         let storage = get_test_system_storage();
         let mut system =
             System::create(config, storage, None, PersonalAccessTokenConfig::default());
-        let root = User::root();
+        let root = User::root(DEFAULT_ROOT_USERNAME, DEFAULT_ROOT_PASSWORD);
         let session = Session::new(
             1,
             root.id,

server/src/streaming/systems/users.rs

@@ -7,7 +7,9 @@ use iggy::identifier::{IdKind, Identifier};
 use iggy::locking::IggySharedMutFn;
 use iggy::models::permissions::Permissions;
 use iggy::models::user_status::UserStatus;
+use iggy::users::defaults::*;
 use iggy::utils::text;
+use std::env;
 use std::sync::atomic::{AtomicU32, Ordering};
 use tracing::log::error;
 use tracing::{info, warn};
@@ -20,7 +22,7 @@ impl System {
         let mut users = self.storage.user.load_all().await?;
         if users.is_empty() {
             info!("No users found, creating the root user...");
-            let root = User::root();
+            let root = Self::create_root_user();
             self.storage.user.save(&root).await?;
             info!("Created the root user.");
             users = self.storage.user.load_all().await?;
@@ -34,6 +36,39 @@ impl System {
         Ok(())
     }
 
+    fn create_root_user() -> User {
+        let username = env::var("IGGY_ROOT_USERNAME");
+        let password = env::var("IGGY_ROOT_PASSWORD");
+        if (username.is_ok() && password.is_err()) || (username.is_err() && password.is_ok()) {
+            panic!("When providing the custom root user credentials, both username and password must be set.");
+        }
+        if username.is_ok() && password.is_ok() {
+            info!("Using the custom root user credentials.");
+        } else {
+            info!("Using the default root user credentials.");
+        }
+
+        let username = username.unwrap_or(DEFAULT_ROOT_USERNAME.to_string());
+        let password = password.unwrap_or(DEFAULT_ROOT_PASSWORD.to_string());
+        if username.is_empty() || password.is_empty() {
+            panic!("Root user credentials are not set.");
+        }
+        if username.len() < MIN_USERNAME_LENGTH {
+            panic!("Root username is too short.");
+        }
+        if username.len() > MAX_USERNAME_LENGTH {
+            panic!("Root username is too long.");
+        }
+        if password.len() < MIN_PASSWORD_LENGTH {
+            panic!("Root password is too short.");
+        }
+        if password.len() > MAX_PASSWORD_LENGTH {
+            panic!("Root password is too long.");
+        }
+
+        User::root(&username, &password)
+    }
+
     pub async fn find_user(
         &self,
         session: &Session,

server/src/streaming/users/user.rs

@@ -53,11 +53,11 @@ impl User {
         }
     }
 
-    pub fn root() -> Self {
+    pub fn root(username: &str, password: &str) -> Self {
         Self::new(
             DEFAULT_ROOT_USER_ID,
-            DEFAULT_ROOT_USERNAME,
-            DEFAULT_ROOT_PASSWORD,
+            username,
+            password,
             UserStatus::Active,
             Some(Permissions::root()),
         )
@@ -78,7 +78,7 @@ mod tests {
 
     #[test]
     fn given_root_user_data_and_credentials_should_be_valid() {
-        let user = User::root();
+        let user = User::root(DEFAULT_ROOT_USERNAME, DEFAULT_ROOT_PASSWORD);
         assert_eq!(user.id, DEFAULT_ROOT_USER_ID);
         assert_eq!(user.username, DEFAULT_ROOT_USERNAME);
         assert_ne!(user.password, DEFAULT_ROOT_PASSWORD);