add admin token authentication for migration script
All checks were successful
CI / update (push) Successful in 12s
All checks were successful
CI / update (push) Successful in 12s
Allow migration to run without browser session by using ADMIN_SECRET_TOKEN environment variable. This enables running the migration directly on the server via SSH. Changes: - Add ADMIN_SECRET_TOKEN support to migration endpoint - Update shell script to read token from environment - Improve script with better error handling and token validation - Update documentation with admin token setup instructions The endpoint now accepts authentication via either: - Valid user session (browser-based) - ADMIN_SECRET_TOKEN from environment (server-based) Usage on server: source .env && ./scripts/migrate-image-hashes.sh
This commit is contained in:
@@ -5,7 +5,7 @@
|
||||
# It will:
|
||||
# 1. Find all images without hashes (shortname.webp)
|
||||
# 2. Generate content hashes for them
|
||||
# 3. Rename them to shortname.{hash}.webp
|
||||
# 3. Copy them to shortname.{hash}.webp (keeps originals)
|
||||
# 4. Update the database
|
||||
|
||||
set -e
|
||||
@@ -15,10 +15,24 @@ echo "Image Hash Migration Script"
|
||||
echo "======================================"
|
||||
echo ""
|
||||
echo "This will migrate all existing images to use content-based hashes."
|
||||
echo "Images will be renamed from 'shortname.webp' to 'shortname.{hash}.webp'"
|
||||
echo "Images will be copied from 'shortname.webp' to 'shortname.{hash}.webp'"
|
||||
echo "Original unhashed files will be kept for graceful degradation."
|
||||
echo ""
|
||||
echo "⚠️ WARNING: This operation will rename files on disk!"
|
||||
echo "⚠️ WARNING: This operation will modify the database and create new files!"
|
||||
echo ""
|
||||
|
||||
# Check for admin token
|
||||
if [ -z "$ADMIN_SECRET_TOKEN" ]; then
|
||||
echo "Error: ADMIN_SECRET_TOKEN environment variable not set."
|
||||
echo ""
|
||||
echo "Please set it first:"
|
||||
echo " export ADMIN_SECRET_TOKEN='your-secret-token'"
|
||||
echo ""
|
||||
echo "Or source your .env file:"
|
||||
echo " source .env"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
read -p "Are you sure you want to continue? (yes/no): " confirm
|
||||
|
||||
if [ "$confirm" != "yes" ]; then
|
||||
@@ -31,17 +45,16 @@ echo "Starting migration..."
|
||||
echo ""
|
||||
|
||||
# Get the production URL (modify this to your production URL)
|
||||
PROD_URL="https://bocken.org"
|
||||
PROD_URL="${PROD_URL:-https://bocken.org}"
|
||||
|
||||
# Make the API call
|
||||
# Make the API call with admin token
|
||||
response=$(curl -s -X POST \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Cookie: $(cat .prod-session-cookie 2>/dev/null || echo '')" \
|
||||
-d '{"confirm": "MIGRATE_IMAGES"}' \
|
||||
-d "{\"confirm\": \"MIGRATE_IMAGES\", \"adminToken\": \"$ADMIN_SECRET_TOKEN\"}" \
|
||||
"${PROD_URL}/api/admin/migrate-image-hashes")
|
||||
|
||||
# Pretty print the response
|
||||
echo "$response" | jq '.'
|
||||
echo "$response" | jq '.' 2>/dev/null || echo "$response"
|
||||
|
||||
echo ""
|
||||
echo "======================================"
|
||||
|
||||
Reference in New Issue
Block a user