Add warning on admin UI for legacy creds in the TOML file.

cmd/admin.go

@@ -12,15 +12,16 @@ import (
 )
 
 type serverConfig struct {
-	RootURL      string          `json:"root_url"`
-	FromEmail    string          `json:"from_email"`
-	Messengers   []string        `json:"messengers"`
-	Langs        []i18nLang      `json:"langs"`
-	Lang         string          `json:"lang"`
-	Permissions  json.RawMessage `json:"permissions"`
-	Update       *AppUpdate      `json:"update"`
-	NeedsRestart bool            `json:"needs_restart"`
-	Version      string          `json:"version"`
+	RootURL       string          `json:"root_url"`
+	FromEmail     string          `json:"from_email"`
+	Messengers    []string        `json:"messengers"`
+	Langs         []i18nLang      `json:"langs"`
+	Lang          string          `json:"lang"`
+	Permissions   json.RawMessage `json:"permissions"`
+	Update        *AppUpdate      `json:"update"`
+	NeedsRestart  bool            `json:"needs_restart"`
+	HasLegacyUser bool            `json:"has_legacy_user"`
+	Version       string          `json:"version"`
 }
 
 // handleGetServerConfig returns general server config.
@@ -29,10 +30,11 @@ func handleGetServerConfig(c echo.Context) error {
 		app = c.Get("app").(*App)
 	)
 	out := serverConfig{
-		RootURL:     app.constants.RootURL,
-		FromEmail:   app.constants.FromEmail,
-		Lang:        app.constants.Lang,
-		Permissions: app.constants.PermissionsRaw,
+		RootURL:       app.constants.RootURL,
+		FromEmail:     app.constants.FromEmail,
+		Lang:          app.constants.Lang,
+		Permissions:   app.constants.PermissionsRaw,
+		HasLegacyUser: app.constants.HasLegacyUser,
 	}
 
 	// Language list.

cmd/init.go

@@ -98,13 +98,14 @@ type constants struct {
 		PublicJS  []byte `koanf:"public.custom_js"`
 	}
 
-	UnsubURL     string
-	LinkTrackURL string
-	ViewTrackURL string
-	OptinURL     string
-	MessageURL   string
-	ArchiveURL   string
-	AssetVersion string
+	HasLegacyUser bool
+	UnsubURL      string
+	LinkTrackURL  string
+	ViewTrackURL  string
+	OptinURL      string
+	MessageURL    string
+	ArchiveURL    string
+	AssetVersion  string
 
 	MediaUpload struct {
 		Provider   string
@@ -431,6 +432,8 @@ func initConstants() *constants {
 	c.BounceSendgridEnabled = ko.Bool("bounce.sendgrid_enabled")
 	c.BouncePostmarkEnabled = ko.Bool("bounce.postmark.enabled")
 
+	c.HasLegacyUser = ko.Exists("app.admin_username") || ko.Exists("app.admin_password")
+
 	b := md5.Sum([]byte(time.Now().String()))
 	c.AssetVersion = fmt.Sprintf("%x", b)[0:10]
 

frontend/src/App.vue

@@ -48,7 +48,8 @@
 
       <!-- body //-->
       <div class="main">
-        <div class="global-notices" v-if="serverConfig.needs_restart || serverConfig.update">
+        <div class="global-notices"
+          v-if="serverConfig.needs_restart || serverConfig.update || serverConfig.has_legacy_user">
           <div v-if="serverConfig.needs_restart" class="notification is-danger">
             {{ $t('settings.needsRestart') }}
             &mdash;
@@ -61,6 +62,14 @@
             {{ $t('settings.updateAvailable', { version: serverConfig.update.version }) }}
             <a :href="serverConfig.update.url" target="_blank" rel="noopener noreferer">View</a>
           </div>
+          <div v-if="serverConfig.has_legacy_user" class="notification is-danger">
+            <b-icon icon="warning-empty" />
+            Remove the <code>admin_username</code> and <code>admin_password</code> fields from the TOML
+            configuration file. Starting this version, users are managed via the
+            <router-link :to="{ name: 'users' }">
+              Admin -> Settings -> Users
+            </router-link> dashboard.
+          </div>
         </div>
 
         <router-view :key="$route.fullPath" />