openclaw-rocketchat 0.7.5 → 0.7.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/install-rc.sh +49 -7
- package/package.json +1 -1
package/install-rc.sh
CHANGED
|
@@ -590,10 +590,45 @@ if [ -z "${RC_ADMIN_PASS:-}" ]; then
|
|
|
590
590
|
if [ -f "${INSTALL_DIR}/.rc-info" ]; then
|
|
591
591
|
RC_ADMIN_PASS=$(grep "^ADMIN_PASS=" "${INSTALL_DIR}/.rc-info" 2>/dev/null | cut -d'=' -f2-)
|
|
592
592
|
fi
|
|
593
|
-
#
|
|
593
|
+
# 如果仍然为空(旧版安装),标记为默认密码
|
|
594
594
|
if [ -z "${RC_ADMIN_PASS:-}" ]; then
|
|
595
595
|
RC_ADMIN_PASS="admin"
|
|
596
|
-
|
|
596
|
+
fi
|
|
597
|
+
fi
|
|
598
|
+
|
|
599
|
+
# 如果密码是弱口令 admin,尝试通过 API 自动加固
|
|
600
|
+
if [ "${RC_ADMIN_PASS}" = "admin" ]; then
|
|
601
|
+
step "检测到弱口令 admin/admin,正在自动加固..."
|
|
602
|
+
# 用 admin/admin 登录获取 token
|
|
603
|
+
LOGIN_RESP=$(curl -sk -X POST "https://127.0.0.1/api/v1/login" \
|
|
604
|
+
-H "Content-Type: application/json" \
|
|
605
|
+
-d '{"user":"admin","password":"admin"}' 2>/dev/null || echo "")
|
|
606
|
+
|
|
607
|
+
AUTH_TOKEN=$(echo "$LOGIN_RESP" | grep -o '"authToken":"[^"]*"' | head -1 | cut -d'"' -f4)
|
|
608
|
+
USER_ID=$(echo "$LOGIN_RESP" | grep -o '"userId":"[^"]*"' | head -1 | cut -d'"' -f4)
|
|
609
|
+
|
|
610
|
+
if [ -n "$AUTH_TOKEN" ] && [ -n "$USER_ID" ]; then
|
|
611
|
+
# 生成强密码
|
|
612
|
+
NEW_PASS=$(head -c 18 /dev/urandom | base64 | tr -d '/+=' | head -c 20)
|
|
613
|
+
if [ ${#NEW_PASS} -lt 12 ]; then
|
|
614
|
+
NEW_PASS="RcAdmin$(date +%s | sha256sum | head -c 16)"
|
|
615
|
+
fi
|
|
616
|
+
|
|
617
|
+
# 通过 API 修改密码
|
|
618
|
+
CHANGE_RESP=$(curl -sk -X POST "https://127.0.0.1/api/v1/users.update" \
|
|
619
|
+
-H "Content-Type: application/json" \
|
|
620
|
+
-H "X-Auth-Token: ${AUTH_TOKEN}" \
|
|
621
|
+
-H "X-User-Id: ${USER_ID}" \
|
|
622
|
+
-d "{\"userId\":\"${USER_ID}\",\"data\":{\"password\":\"${NEW_PASS}\"}}" 2>/dev/null || echo "")
|
|
623
|
+
|
|
624
|
+
if echo "$CHANGE_RESP" | grep -q '"success":true'; then
|
|
625
|
+
RC_ADMIN_PASS="${NEW_PASS}"
|
|
626
|
+
success "管理员密码已自动升级为强随机密码"
|
|
627
|
+
else
|
|
628
|
+
warn "自动修改密码失败,保留当前密码。建议运行 openclaw rocketchat setup 后自动加固。"
|
|
629
|
+
fi
|
|
630
|
+
else
|
|
631
|
+
warn "无法使用 admin/admin 登录(可能密码已被修改过)。建议运行 openclaw rocketchat setup。"
|
|
597
632
|
fi
|
|
598
633
|
fi
|
|
599
634
|
|
|
@@ -629,11 +664,18 @@ info "安装目录: ${INSTALL_DIR}"
|
|
|
629
664
|
info "HTTPS: Let's Encrypt 正式证书(acme.sh 自动续期)"
|
|
630
665
|
info "域名: ${RC_DOMAIN}(由 sslip.io 免费提供,无需购买)"
|
|
631
666
|
echo ""
|
|
632
|
-
|
|
633
|
-
|
|
634
|
-
echo -e "
|
|
635
|
-
|
|
636
|
-
info "
|
|
667
|
+
if [ "${RC_ADMIN_PASS}" = "admin" ]; then
|
|
668
|
+
warn "🔑 管理员账号(弱口令,请尽快运行 openclaw rocketchat setup 自动加固):"
|
|
669
|
+
echo -e " 用户名: ${GREEN}admin${NC}"
|
|
670
|
+
echo -e " 密码: ${RED}admin${NC} ← ${RED}安全风险!${NC}"
|
|
671
|
+
info " 运行 openclaw rocketchat setup 会自动将密码升级为强随机密码。"
|
|
672
|
+
else
|
|
673
|
+
info "🔑 管理员账号(已自动生成强密码):"
|
|
674
|
+
echo -e " 用户名: ${GREEN}admin${NC}"
|
|
675
|
+
echo -e " 密码: ${GREEN}${RC_ADMIN_PASS}${NC}"
|
|
676
|
+
info " (已保存到 ${RC_INFO_FILE},setup 时会自动读取。"
|
|
677
|
+
info " 普通用户不需要知道这个账号,仅供服务器管理使用。)"
|
|
678
|
+
fi
|
|
637
679
|
echo ""
|
|
638
680
|
info "📌 接下来的步骤:"
|
|
639
681
|
echo ""
|
package/package.json
CHANGED