This patch adds 3 new options to OIDC settings.
Toggle user auto-creation, and select default user/list roles
for auto-created users.
Co-authored-by: Kailash Nadh <kailash@nadh.in>
- During install, listmonk now accepts the env `LISTMONK_ADMIN_API_USER`
and creates an API user (with username $LISTMONK_ADMIN_API_USER)
with full superadmin permissions. This requires LISTMONK_ADMIN_USER and
LISTMONK_ADMIN_API_PASSWORD to be set so that that there's always a superadmin
user to avoid bad states, mainly: bot superadmin exists, but no admin user
exists, leaving the installation perpetually open with the superadmin user
creation UI on the first login.
The API user's token is printed to stderr in the following format:
`export LISTMONK_ADMIN_API_TOKEN="7I81VSd90UWhKDj5Kq9c6YopToRduyDF"`
This can be redirected to a file with ./listmonk 2> /tmp/token or captured
directly and then source()'d.
- Add new function `core.GetRole(id)`.
- Fix `at least one super admin` query in user deletion.
- Attach all HTTP handlers to a new `Handlers{}` struct.
- Remove all `handle*` function prefixes.
- Remove awkward, repetitive `app = c.Get("app").(*App)` from all handlers
and instead, simply access it from `h.app` from `Handlers{}`
Originally proposed in #2292.
- Make the beginning of handlers consistent with uniform variable declaration
and grouping.
- Add missing comments.
- Fix staticcheck/vet warnings and idiom issues.
- Move user models from `/models` to `internal/auth`.
- Move and refactor various permission check functions into `User.()`
- Refactor awkward `get, manage bool` function args into `Get|Manage` bitflags.
- Don't setup username+password from config file during fresh install.
- If `LISTMONK_ADMIN_USER` and `LISTMONK_ADMIN_PASSWORD` env vars are
set during `--install`, use them.
- Otherwise, render new username+password creation UI on `/admin/login`.
- Add Cypress tests.
