feat: implement real admin authentication and password management

- Added 'users' table to database with bcrypt hashing. - Refactored login to verify against the database. - Implemented 'Security' section in settings to allow changing the admin password. - Initialized system with default user 'admin' and password 'admin'.
2026-02-26 18:47:20 -05:00
parent 519436eb4a
commit c208ebe59b
5 changed files with 218 additions and 10 deletions
--- a/src/database/mod.rs
+++ b/src/database/mod.rs
@@ -115,6 +115,38 @@ async fn run_migrations(pool: &DbPool) -> Result<()> {
    .execute(pool)
    .await?;

+    // Create users table for dashboard access
+    sqlx::query(
+        r#"
+        CREATE TABLE IF NOT EXISTS users (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            username TEXT UNIQUE NOT NULL,
+            password_hash TEXT NOT NULL,
+            role TEXT DEFAULT 'admin',
+            created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+        )
+        "#
+    )
+    .execute(pool)
+    .await?;
+
+    // Insert default admin user if none exists (default password: admin)
+    let user_count: (i64,) = sqlx::query_as("SELECT COUNT(*) FROM users")
+        .fetch_one(pool)
+        .await?;
+
+    if user_count.0 == 0 {
+        // 'admin' hashed with default cost (12)
+        let default_admin_hash = bcrypt::hash("admin", 12).unwrap();
+        sqlx::query(
+            "INSERT INTO users (username, password_hash, role) VALUES ('admin', ?, 'admin')"
+        )
+        .bind(default_admin_hash)
+        .execute(pool)
+        .await?;
+        info!("Created default admin user with password 'admin'");
+    }
+
    // Create indices
    sqlx::query(
        "CREATE INDEX IF NOT EXISTS idx_clients_client_id ON clients(client_id)"