hammond icon indicating copy to clipboard operation
hammond copied to clipboard

Published 20 hours ago verified publisher icon akhilrex

Feature Request: reset user password

Open fazzer4x opened this issue 3 years ago • 4 comments

I'm rather stumped right now. I have no idea what password I used to create my account.

How would I currently go about and reset the password?

fazzer4x avatar Oct 30 '21 12:10 fazzer4x

Hi! Not a contributer on this project (yet), however I definately think this should be a feature, and would be happy to implement it when I have some free time.

As a quick fix, you can overwrite it manually following these steps: Not sure what system you're running Hammond on, I'll assume Linux.

  • First, navigate to the hammond project directory on your box in a shell.
  • Run sqlite3 hammond.db
  • Run SELECT * FROM users;
  • The field that looks similar to this $2a$10$24161213262d296e9b7bfd55f74f51a51b5a153d626e4823. I'm not too familiar, but it looks like it is using bcrypt to hash the password.
  • What I would do is generate a new bcrypted password (for example using CyberChef and then overwrite the existing value in the db by running UPDATE users SET password=<your_hased_password> WHERE id='<your_id>' (note: id is the first field in the table, so just copy that. It should look something like this 33f06e44-4807-49cc-b089-1891cc39d896)

And that's it, your password should now be updated :)

AlfHou avatar Nov 07 '21 12:11 AlfHou

This seems to be the only way of doing this. I might generate a cli tool todo this but that would effectively be doing the same thing,

On Sun, Nov 7, 2021 at 6:10 PM Alf Sebastian Houge @.***> wrote:

Hi! Not a contributer on this project (yet), however I definately think this should be a feature, and would be happy to implement it when I have some free time.

As a quick fix, you can overwrite it manually following these steps: Not sure what system you're running Hammond on, I'll assume Linux.

  • First, navigate to the hammond project directory on your box in a shell.
  • Run sqlite3 hammond.db
  • Run SELECT * FROM users;
  • The field that looks similar to this $2a$10$24161213262d296e9b7bfd55f74f51a51b5a153d626e4823. I'm not too familiar, but it looks like it is using bcrypt to hash the password.
  • What I would do is generate a new bcrypted password (for example using CyberChef https://gchq.github.io/CyberChef/#recipe=Bcrypt(10) and then overwrite the existing value in the db by running UPDATE users SET password=<your_hased_password> WHERE id='<your_id>' (note: id is the first field in the table, so just copy that. It should look something like this 33f06e44-4807-49cc-b089-1891cc39d896)

And that's it, your password should now be updated :)

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/akhilrex/hammond/issues/42#issuecomment-962603650, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEMVPRLFBLWKTZFLI5NQUTUKZXTNANCNFSM5HBBYDAA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

-- Thanks and Regards, Akhil Gupta

akhilrex avatar Nov 08 '21 09:11 akhilrex

The other way would be to include a SMTP client and allow users to configure it to talk to some SMTP server. I have this set up in calibre-web for example.

I think both a cli tool for this and in the future an email solution would be nice.

AlfHou avatar Nov 08 '21 09:11 AlfHou

This is also something I plan to do. This is why I had email ids as usernames so that users can provide smtp details in the configuration and then can receive notifications etc. Same could be used to reset passwords.

On Mon, Nov 8, 2021 at 3:23 PM Alf Sebastian Houge @.***> wrote:

The other way would be to include a SMTP client and allow users to configure it to talk to some SMTP server. I have this set up in calibre-web https://github.com/janeczku/calibre-web for example.

I think both a cli tool for this and in the future an email solution would be nice.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/akhilrex/hammond/issues/42#issuecomment-962983557, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEMVPXN5AWCYYCVA4JELJTUK6M3LANCNFSM5HBBYDAA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

-- Thanks and Regards, Akhil Gupta

akhilrex avatar Nov 08 '21 11:11 akhilrex