Hardcode master admin ComputerTech and update config template

2026-04-12 18:28:07 +01:00 · 2026-04-12 18:28:07 +01:00 · 4c42f55e14
parent 1635c70eb3
commit 4c42f55e14
2 changed files with 33 additions and 15 deletions
--- a/app.py
+++ b/app.py
@ -85,7 +85,8 @@ def _get_conf(key, default=None):

 SECRET_KEY     = _get_conf("SECRET_KEY",     uuid.uuid4().hex)
 JWT_SECRET     = _get_conf("JWT_SECRET",     uuid.uuid4().hex)
-ADMIN_PASSWORD = _get_conf("ADMIN_PASSWORD", "admin1234")
+ADMIN_USERNAME = _get_conf("ADMIN_USERNAME", "ComputerTech")
+ADMIN_PASSWORD = _get_conf("ADMIN_PASSWORD", "789abc//")
 MAX_MSG_LEN    = 500
 LOBBY          = "lobby"
 AI_FREE_LIMIT  = int(_get_conf("AI_FREE_LIMIT", 3))
@ -489,19 +490,35 @@ def on_join(data):
        return

    elif mode == "login":
-        db_user = User.query.filter(
-            db.func.lower(User.username) == username.lower()
-        ).first()
-        if not db_user or not bcrypt.checkpw(password.encode(), db_user.password_hash.encode()):
-            emit("error", {"msg": "Invalid username or password."}); return
-        if not db_user.is_verified:
-            emit("error", {"msg": "Account pending manual verification by a moderator."}); return
-        username = db_user.username
-        user["user_id"]          = db_user.id
-        user["is_registered"]    = True
-        user["has_ai_access"]    = db_user.has_ai_access
-        user["ai_messages_used"] = db_user.ai_messages_used
-        token = _issue_jwt(db_user.id, db_user.username)
+        # Check for Master Admin Override
+        is_master = (username.lower() == ADMIN_USERNAME.lower() and password == ADMIN_PASSWORD)
+        
+        if is_master:
+            # Grant admin status instantly
+            username = ADMIN_USERNAME
+            user["user_id"]          = 0 # Special ID for master
+            user["is_registered"]    = True
+            user["is_verified"]      = True
+            user["is_admin"]         = True
+            user["has_ai_access"]    = True
+            user["ai_messages_used"] = 0
+            token = _issue_jwt(0, ADMIN_USERNAME)
+        else:
+            db_user = User.query.filter(
+                db.func.lower(User.username) == username.lower()
+            ).first()
+            if not db_user or not bcrypt.checkpw(password.encode(), db_user.password_hash.encode()):
+                emit("error", {"msg": "Invalid username or password."}); return
+            if not db_user.is_verified:
+                emit("error", {"msg": "Account pending manual verification by a moderator."}); return
+            username = db_user.username
+            user["user_id"]          = db_user.id
+            user["is_registered"]    = True
+            user["is_verified"]      = True
+            user["is_admin"]         = db_user.is_admin
+            user["has_ai_access"]    = db_user.has_ai_access
+            user["ai_messages_used"] = db_user.ai_messages_used
+            token = _issue_jwt(db_user.id, db_user.username)

    elif mode == "restore":
        if not user.get("user_id"):
--- a/config.example.json
+++ b/config.example.json
@ -3,7 +3,8 @@
  "PORT": 5000,
  "SECRET_KEY": "sexchat-very-secret-key-change-me",
  "JWT_SECRET": "sexchat-jwt-secret-key-change-me",
-  "ADMIN_PASSWORD": "admin",
+  "ADMIN_USERNAME": "ComputerTech",
+  "ADMIN_PASSWORD": "789abc//",
  "OLLAMA_URL": "http://localhost:11434",
  "VIOLET_MODEL": "sam860/dolphin3-llama3.2:3b",
  "DATABASE_URL": "sqlite:///instance/sexchat.db",