usergen: Fix wrong password and username usage

Due to the lack of double quotes, passwords with whitespaces were not passed correctly to printf(1), thus making users not able to log into their account. OTOH, for some reason usernames containing whitespaces made jq(1) complain, so it has been decided not to support them.
2023-04-30 23:25:43 +02:00 · 2023-04-30 23:25:43 +02:00 · 291d951ee1
parent 401c5dcf44
commit 291d951ee1
1 changed files with 12 additions and 6 deletions
--- a/18
+++ b/18
@ -15,7 +15,13 @@ fi
 DIR=$1

 echo Username: >&2
-read -r USER
+IFS= read -r USER
+
+if printf '%s' "$USER" | grep -qe '[[:space:]]'
+then
+    echo Username cannot contain whitespaces >&2
+    exit 1
+fi

 DB="$DIR/db.json"

@ -26,21 +32,21 @@ then
 fi

 echo Password: >&2
-read -r PWD
+IFS= read -r PWD
 echo "Quota, in MiB (leave empty for unlimited quota):" >&2
 read -r QUOTA

-PWD=$(printf '%s' $PWD | xxd -p | tr -d '\n')
+PWD=$(printf '%s' "$PWD" | xxd -p | tr -d '\n')
 SALT=$(openssl rand 32 | xxd -p | tr -d '\n')
 KEY=$(openssl rand 32 | xxd -p | tr -d '\n')
-PWD=$(printf '%s%s' $SALT $PWD)
+PWD=$(printf '%s%s' $SALT "$PWD")

 ROUNDS=1000

 for i in $(seq $ROUNDS)
 do
    printf "\r%d/$ROUNDS" $i >&2
-    PWD=$(printf '%s' $PWD | xxd -p -r | sha256sum | cut -d' ' -f1)
+    PWD=$(printf '%s' "$PWD" | xxd -p -r | sha256sum | cut -d' ' -f1)
 done

 echo >&2
@ -56,7 +62,7 @@ trap cleanup EXIT
 jq ".users += [
 {
    \"name\": \"$USER\",
-    \"password\": \"$PWD\",
+    \"password\": \""$PWD"\",
    \"salt\": \"$SALT\",
    \"key\": \"$KEY\",
    \"quota\": \"$QUOTA\"