feat(auth): root seeding and reset-password CLI #27

Merged
addison merged 5 commits from exe-dev-bot/kiosk:feat/root-seeding into main 2026-02-21 06:48:25 -05:00

Implements the Root Seeding section of spec 002. Deploy TUI writes bcrypt-hashed root password to seed file on SD card. Server consumes it on first startup to create the root account. Adds `kiosk reset-password` CLI for existing installations.

Add WriteSeedFile method to Deployer interface, RealDeployer, and
MockDeployer. The method bcrypt-hashes the generated password and writes
the hash to <rootMount>/opt/kiosk/.root-seed with mode 0600.

Call WriteSeedFile in the TUI deploy flow after InstallBinary (step 9),
while the root partition is still mounted.

Add golang.org/x/crypto dependency for bcrypt support.

Co-authored-by: Shelley <shelley@exe.dev>
Add ConsumeSeedFile(db, path) in db.go: reads bcrypt hash from file,
inserts root user, deletes file. No-op if file doesn't exist.

Add ResetRootPassword(db, hash) in db.go: upserts root user with new
password hash and revokes all existing root API keys.

Add reset-password subcommand in main.go: prompts for new password,
bcrypt-hashes it, calls ResetRootPassword.

Call ConsumeSeedFile after InitDB() in the server startup path.

Co-authored-by: Shelley <shelley@exe.dev>
- TestConsumeSeedFileCreatesRootAndDeletesFile: seed file with bcrypt
  hash creates root user with correct hash, file is deleted afterward.
- TestConsumeSeedFileAbsentDoesNothing: non-existent seed file returns
  no error and creates no users.
- TestResetRootPasswordRevokesAllAPIKeys: inserts root user with API
  keys, resets password, verifies all keys have revoked_at set.
- TestResetRootPasswordCreatesUserIfNotExists: reset-password upserts
  a new root user when none exists.

Co-authored-by: Shelley <shelley@exe.dev>
Co-authored-by: Shelley <shelley@exe.dev>
Co-authored-by: Shelley <shelley@exe.dev>
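
The seed-file handoff described in the commit messages above, as an added Go sketch that is not this PR's code. `writeSeed` and `consumeSeed` are hypothetical stand-ins for `WriteSeedFile` and `ConsumeSeedFile`, a map replaces the database, the hash is a constructed placeholder, and the mode and bcrypt-format checks are assumptions that go beyond what the page states.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"regexp"
	"strings"
)

// Modular-crypt layout of a bcrypt hash: version, cost, 53 chars of salt+digest.
var bcryptRe = regexp.MustCompile(`^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$`)

// writeSeed stores an already-computed hash readable by the owner only.
func writeSeed(path, hash string) error {
	return os.WriteFile(path, []byte(hash+"\n"), 0o600)
}

// consumeSeed (hypothetical) creates root from the seed, then deletes the file.
func consumeSeed(users map[string]string, path string) (bool, error) {
	info, err := os.Lstat(path) // Lstat: a symlink must not pass as the seed
	if errors.Is(err, fs.ErrNotExist) {
		return false, nil // no seed file: ordinary startup, nothing to do
	} else if err != nil {
		return false, err
	}
	if !info.Mode().IsRegular() || info.Mode().Perm()&0o077 != 0 {
		return false, fmt.Errorf("%s: want a regular file with mode 0600", path)
	}
	raw, err := os.ReadFile(path)
	hash := strings.TrimSpace(string(raw))
	if err != nil || !bcryptRe.MatchString(hash) {
		return false, errors.New("seed unreadable or not a bcrypt hash")
	}
	_, exists := users["root"] // users stands in for the database (assumption)
	if !exists {
		users["root"] = hash
	}
	return !exists, os.Remove(path)
}

func main() {
	dir, _ := os.MkdirTemp("", "seed")
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, ".root-seed")
	_ = writeSeed(path, "$2a$10$"+strings.Repeat("A", 53)) // constructed placeholder
	fmt.Println(consumeSeed(map[string]string{}, path))
}
```

A rejected seed file is left in place in this sketch, so a wrong mode or malformed content stays visible to the operator instead of being silently discarded.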
Reference
kwila/kiosk!27