replaced everything with ws

2026-03-04 21:42:35 +02:00
parent 68d04f2203
commit 313bd13ef9
378 changed files with 29072 additions and 824 deletions
--- a/ADMIN_SETUP.md
+++ b/ADMIN_SETUP.md
@@ -0,0 +1,114 @@
+# Admin User Setup Guide
+
+This guide explains how to create an admin user in the database.
+
+## Prerequisites
+
+- Access to the MySQL database
+- Spring Boot application running (to generate password hash)
+
+## Method 1: Using Spring Boot Application
+
+1. Create a simple test class or use the Spring Boot shell to generate a password hash:
+
+```java
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+String hashedPassword = encoder.encode("your-secure-password");
+System.out.println(hashedPassword);
+```
+
+2. Connect to your MySQL database and run:
+
+```sql
+-- Insert a new admin user into the admins table
+INSERT INTO admins (
+    username, 
+    password_hash, 
+    role
+) VALUES (
+    'admin',
+    '$2a$10$YourGeneratedHashHere',
+    'ROLE_ADMIN'
+);
+```
+
+## Method 2: Using Online BCrypt Generator
+
+1. Use an online BCrypt generator (e.g., https://bcrypt-generator.com/)
+2. Enter your desired password
+3. Copy the generated hash
+4. Use it in the SQL UPDATE/INSERT statement above
+
+## Method 3: Using Command Line (if bcrypt-cli is installed)
+
+```bash
+bcrypt-cli hash "your-password" 10
+```
+
+## Security Best Practices
+
+1. **Use Strong Passwords**: Minimum 12 characters with mix of letters, numbers, and symbols
+2. **Change Default Credentials**: Never use default usernames/passwords in production
+3. **Limit Admin Users**: Only create admin accounts for trusted personnel
+4. **Regular Audits**: Periodically review admin users and their activity
+5. **JWT Secret**: Ensure `APP_ADMIN_JWT_SECRET` in application.yml is set to a secure random string (minimum 32 characters)
+
+## Generate JWT Secret
+
+You can generate a secure JWT secret using:
+
+```bash
+# Using OpenSSL
+openssl rand -base64 32
+
+# Or using Node.js
+node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
+```
+
+Then set it in your environment variable or application.yml:
+
+```yaml
+app:
+  admin:
+    jwt:
+      secret: ${APP_ADMIN_JWT_SECRET:your-generated-secret-here}
+```
+
+## Testing Admin Login
+
+After setting up an admin user, test the login:
+
+```bash
+curl -X POST https://win-spin.live/api/admin/login \
+  -H "Content-Type: application/json" \
+  -d '{"username":"admin","password":"your-password"}'
+```
+
+You should receive a response with a JWT token:
+
+```json
+{
+  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
+  "username": "admin"
+}
+```
+
+## Troubleshooting
+
+### "Invalid credentials" error
+- Verify the password hash was generated correctly
+- Check that the `username` in the `admins` table matches exactly (case-sensitive)
+- Ensure the admin has `role = 'ROLE_ADMIN'` in the `admins` table
+
+### "Access Denied" after login
+- Verify the JWT token is being sent in the Authorization header: `Bearer <token>`
+- Check backend logs for authentication errors
+- Verify CORS configuration includes your admin domain
+
+### Password hash format
+- BCrypt hashes should start with `$2a$`, `$2b$`, or `$2y$`
+- The hash should be 60 characters long
+- Example format: `$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy`
+