Password from env variable

.env.sample

@@ -0,0 +1,2 @@
+# codex-docs password.
+PASSWORD=

README.md

@@ -24,6 +24,7 @@ yarn install --frozen-lockfile
 
 ```shell
 cp .codexdocsrc.sample .codexdocsrc
+cp .env.sample .env
 ```
 
 ### Run application (both frontend and backend)
@@ -86,7 +87,7 @@ yarn test
 
 To manage pages you need to authorize (available on `/auth`).
 
-To set password use `yarn generatePassword:ts [password]` command and restart the server.
+To set password, set the `PASSWORD` environment variable inside the `.env` file.
 
 ## Release process
 
@@ -95,13 +96,12 @@ It will automatically generate draft release based pull requests data between cu
 To make new release you need go to [releases](https://github.com/codex-team/codex.docs/releases) page find the latest draft release and mark it as ready.
 After creating new release, new git tag will be created and new version will be published.
 
-
 # About CodeX
 
 <img align="right" width="120" height="120" src="https://codex.so/public/app/img/codex-logo.svg" hspace="50">
 
 CodeX is a team of digital specialists around the world interested in building high-quality open source products on a global market. We are [open](https://codex.so/join) for young people who want to constantly improve their skills and grow professionally with experiments in cutting-edge technologies.
 
-| 🌐 | Join  👋  | Twitter | Instagram |
-| -- | -- | -- | -- |
-| [codex.so](https://codex.so) | [codex.so/join](https://codex.so/join) |[@codex_team](http://twitter.com/codex_team) | [@codex_team](http://instagram.com/codex_team) |
+| 🌐                           | Join 👋                                | Twitter                                      | Instagram                                      |
+| ---------------------------- | -------------------------------------- | -------------------------------------------- | ---------------------------------------------- |
+| [codex.so](https://codex.so) | [codex.so/join](https://codex.so/join) | [@codex_team](http://twitter.com/codex_team) | [@codex_team](http://instagram.com/codex_team) |

docker-compose.yml

@@ -6,7 +6,10 @@ services:
       context: .
     ports:
       - "5005:3000"
+    env_file:
+      - .env
     volumes:
+      - ./.env:/usr/src/app/.env
       - ./.codexdocsrc:/usr/src/app/.codexdocsrc:ro
       - ./config/production.json:/usr/src/app/config/production.json:ro
       - ./public/uploads:/uploads

package.json

@@ -1,9 +1,6 @@
 {
   "name": "codex.docs",
   "license": "Apache-2.0",
-  "bin": {
-    "generatePassword": "bin/generatePassword.js"
-  },
   "browserslist": [
     "last 2 versions",
     "> 1%"
@@ -17,13 +14,9 @@
     "test:js": "cross-env NODE_ENV=testing mocha --recursive ./dist/test --exit",
     "test": "cross-env NODE_ENV=testing ts-mocha ./src/test/*.ts ./src/test/**/*.ts --exit",
     "lint": "eslint --fix --ext .ts ./src/backend",
-    "generatePassword:ts": "ts-node ./src/generatePassword.ts",
-    "generatePassword": "node ./dist/generatePassword.js",
     "editor-upgrade": "yarn add -D @editorjs/{editorjs,header,code,delimiter,list,link,image,table,inline-code,marker,warning,checklist,raw}@latest"
   },
   "dependencies": {
-    "bcrypt": "^5.0.1",
-    "commander": "^9.0.0",
     "config": "^3.3.6",
     "cookie-parser": "^1.4.5",
     "csurf": "^1.11.0",

src/backend/app.ts

@@ -5,8 +5,10 @@ import morgan from 'morgan';
 import rcParser from './utils/rcparser';
 import routes from './routes';
 import HttpException from './exceptions/httpException';
+import * as dotenv from 'dotenv';
 import config from 'config';
 
+dotenv.config();
 const app = express();
 const localConfig = rcParser.getConfiguration();
 

src/backend/controllers/transport.ts

@@ -74,7 +74,7 @@ class Transport {
     fs.writeFileSync(`${config.get('uploads')}/${filename}.${ext}`, buffer);
 
     const fetchedContentType: string | null = fetchedFile.headers.get('content-type');
-    let fetchedMimeType: string|undefined;
+    let fetchedMimeType: string | undefined;
 
     if (fetchedContentType === null) {
       fetchedMimeType = undefined;
@@ -96,8 +96,6 @@ class Transport {
 
     let response = file.data;
 
-    console.log(response)
-
     if (map) {
       response = Transport.composeResponse(file, map);
     }

src/backend/routes/auth.ts

@@ -1,12 +1,7 @@
 import express, { Request, Response } from 'express';
 import jwt from 'jsonwebtoken';
 import config from 'config';
-import bcrypt from 'bcrypt';
 import csrf from 'csurf';
-import * as dotenv from 'dotenv';
-import Users from '../controllers/users';
-
-dotenv.config();
 
 const router = express.Router();
 const csrfProtection = csrf({ cookie: true });
@@ -27,10 +22,7 @@ router.get('/auth', csrfProtection, function (req: Request, res: Response) {
  */
 router.post('/auth', parseForm, csrfProtection, async (req: Request, res: Response) => {
   try {
-    const userDoc = await Users.get();
-    const passHash = userDoc.passHash;
-
-    if (!passHash) {
+    if (!process.env.PASSWORD) {
       res.render('auth', {
         title: 'Login page',
         header: 'Password not set',
@@ -40,30 +32,28 @@ router.post('/auth', parseForm, csrfProtection, async (req: Request, res: Respon
       return;
     }
 
-    bcrypt.compare(req.body.password, passHash, async (err, result) => {
-      if (err || result === false) {
-        res.render('auth', {
-          title: 'Login page',
-          header: 'Wrong password',
-          csrfToken: req.csrfToken(),
-        });
-
-        return;
-      }
+    if (req.body.password !== process.env.PASSWORD) {
+      res.render('auth', {
+        title: 'Login page',
+        header: 'Wrong password',
+        csrfToken: req.csrfToken(),
+      });
 
-      const token = jwt.sign({
-        iss: 'Codex Team',
-        sub: 'auth',
-        iat: Date.now(),
-      }, passHash + config.get('secret'));
+      return;
+    }
 
-      res.cookie('authToken', token, {
-        httpOnly: true,
-        expires: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000), // 1 year
-      });
+    const token = jwt.sign({
+      iss: 'Codex Team',
+      sub: 'auth',
+      iat: Date.now(),
+    }, process.env.PASSWORD + config.get('secret'));
 
-      res.redirect('/');
+    res.cookie('authToken', token, {
+      httpOnly: true,
+      expires: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000), // 1 year
     });
+
+    res.redirect('/');
   } catch (err) {
     res.render('auth', {
       title: 'Login page',

src/backend/routes/middlewares/token.ts

@@ -1,10 +1,7 @@
-import * as dotenv from 'dotenv';
 import config from 'config';
 import { NextFunction, Request, Response } from 'express';
 import jwt from 'jsonwebtoken';
-import Users from '../../controllers/users';
 
-dotenv.config();
 
 /**
  * Middleware for checking jwt token
@@ -17,16 +14,14 @@ export default async function verifyToken(req: Request, res: Response, next: Nex
   const token = req.cookies.authToken;
 
   try {
-    const userDoc = await Users.get();
-
-    if (!userDoc.passHash) {
+    if (!process.env.PASSWORD) {
       res.locals.isAuthorized = false;
       next();
 
       return;
     }
 
-    const decodedToken = jwt.verify(token, userDoc.passHash + config.get('secret'));
+    const decodedToken = jwt.verify(token, process.env.PASSWORD + config.get('secret'));
 
     res.locals.isAuthorized = !!decodedToken;
 

src/backend/utils/database/index.ts

@@ -3,7 +3,6 @@ import { AliasData } from '../../models/alias';
 import { FileData } from '../../models/file';
 import { PageData } from '../../models/page';
 import { PageOrderData } from '../../models/pageOrder';
-import { UserData } from '../../models/user';
 import initDb from './initDb';
 
 /**
@@ -170,7 +169,6 @@ export class Database<DocType> {
 
 export default {
   pages: new Database<PageData>(initDb('pages')),
-  password: new Database<UserData>(initDb('password')),
   aliases: new Database<AliasData>(initDb('aliases')),
   pagesOrder: new Database<PageOrderData>(initDb('pagesOrder')),
   files: new Database<FileData>(initDb('files')),