honey-be/ADMIN_SETUP.md
Tihon 15498c8337
Initial setup, cleanup, VPS setup
2026-03-07 23:11:31 +02:00

Admin User Setup Guide

This guide explains how to create an admin user in the database.

Prerequisites

  • Access to the MySQL database
  • Spring Boot application running (to generate password hash)

Method 1: Using Spring Boot Application

  1. Create a simple test class (for example one named AdminHashGenerator, as below) or use the Spring Boot shell to generate a password hash:

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

public class AdminHashGenerator {
    public static void main(String[] args) {
        // Uses the encoder's default strength (cost factor 10)
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        String hashedPassword = encoder.encode("your-secure-password");
        System.out.println(hashedPassword);
    }
}

  2. Connect to your MySQL database and run:

-- Insert a new admin user into the admins table
INSERT INTO admins (
    username, 
    password_hash, 
    role
) VALUES (
    'admin',
    '$2a$10$YourGeneratedHashHere',
    'ROLE_ADMIN'
);

Method 2: Using Online BCrypt Generator

  1. Use an online BCrypt generator (e.g., https://bcrypt-generator.com/)
  2. Enter your desired password
  3. Copy the generated hash
  4. Use it in the SQL INSERT statement above (or in an UPDATE of an existing row)

Note that this hands the plaintext admin password to a third-party site, so prefer Method 1 or Method 3 for production credentials.

Method 3: Using Command Line (if bcrypt-cli is installed)

bcrypt-cli hash "your-password" 10

Security Best Practices

  1. Use Strong Passwords: Minimum 12 characters with mix of letters, numbers, and symbols
  2. Change Default Credentials: Never use default usernames/passwords in production
  3. Limit Admin Users: Only create admin accounts for trusted personnel
  4. Regular Audits: Periodically review admin users and their activity
  5. JWT Secret: Ensure APP_ADMIN_JWT_SECRET in application.yml is set to a secure random string (minimum 32 characters)

Generate JWT Secret

You can generate a secure JWT secret using:

# Using OpenSSL
openssl rand -base64 32

# Or using Node.js
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"

Then set it in your environment variable or application.yml. The value after the colon in the placeholder below is only a fallback that Spring uses when APP_ADMIN_JWT_SECRET is unset, so do not commit a real secret there:

app:
  admin:
    jwt:
      secret: ${APP_ADMIN_JWT_SECRET:your-generated-secret-here}

Testing Admin Login

After setting up an admin user, test the login:

curl -X POST https://win-spin.live/api/admin/login \
  -H "Content-Type: application/json" \
  -d '{"username":"admin","password":"your-password"}'

You should receive a response with a JWT token:

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "username": "admin"
}

Troubleshooting

"Invalid credentials" error

  • Verify the password hash was generated correctly
  • Check that the username in the admins table matches exactly (case-sensitive)
  • Ensure the admin has role = 'ROLE_ADMIN' in the admins table

"Access Denied" after login

  • Verify the JWT token is being sent in the Authorization header: Bearer <token>
  • Check backend logs for authentication errors
  • Verify CORS configuration includes your admin domain

Password hash format

  • BCrypt hashes should start with $2a$, $2b$, or $2y$
  • The hash should be 60 characters long
  • Example format: $2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy
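As an added example (not one of the honey-be project's own files), the following POSIX shell script checks the values this guide has you produce before they reach the database or application.yml: the bcrypt hash format described under "Password hash format", the 32-character minimum for APP_ADMIN_JWT_SECRET from "Generate JWT Secret", and extracting the token from the login response so it can be sent as Authorization: Bearer <token>. The function names, the sample hash (the one quoted in this guide) and the sample JSON response are constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the honey-be project: local preflight checks
# for the admin credentials and JWT secret described in this guide.
# Function names and sample values are constructed for illustration.

# Return 0 when $1 is a well-formed bcrypt hash: a $2a$, $2b$ or $2y$
# prefix, a two-digit cost, then 53 characters of salt+digest from the
# bcrypt base64 alphabet [./A-Za-z0-9], 60 characters in total.
check_bcrypt_hash() {
    h=$1
    [ "${#h}" -eq 60 ] || return 1
    printf '%s\n' "$h" | grep -Eq '^\$2[aby]\$[0-9]{2}\$[./A-Za-z0-9]{53}$'
}

# Print the cost factor (the "10" in $2a$10$...) of a bcrypt hash.
bcrypt_cost() {
    printf '%s\n' "$1" | cut -d '$' -f 3
}

# Return 0 when the JWT secret in $1 meets the guide's 32-character minimum.
check_jwt_secret() {
    [ "${#1}" -ge 32 ]
}

# Generate a secret the way the guide does (32 random bytes, base64 encoded,
# which yields 44 characters); fall back to /dev/urandom when openssl is absent.
generate_jwt_secret() {
    if command -v openssl >/dev/null 2>&1; then
        openssl rand -base64 32
    else
        head -c 32 /dev/urandom | base64 | tr -d '\n'
    fi
}

# Extract the "token" field from the flat JSON login response shown in the
# guide, so it can be reused in an "Authorization: Bearer <token>" header.
extract_token() {
    printf '%s\n' "$1" | sed -n 's/.*"token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Constructed sample input. Keep bcrypt hashes in single quotes: in double
# quotes the shell would expand $2 and $10 as positional parameters and
# silently corrupt the hash, a common cause of "Invalid credentials".
SAMPLE_HASH='$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy'
SAMPLE_RESPONSE='{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.sig","username":"admin"}'

if check_bcrypt_hash "$SAMPLE_HASH"; then
    echo "bcrypt hash OK (cost $(bcrypt_cost "$SAMPLE_HASH"))"
else
    echo "bcrypt hash malformed" >&2
fi

SECRET=$(generate_jwt_secret)
if check_jwt_secret "$SECRET"; then
    echo "JWT secret OK (${#SECRET} characters)"
else
    echo "JWT secret too short" >&2
fi

TOKEN=$(extract_token "$SAMPLE_RESPONSE")
echo "token for Authorization header: Bearer $TOKEN"
```

Run it as-is to see the checks against the constructed samples, or call check_bcrypt_hash and check_jwt_secret from your own shell with the real hash and secret before running the INSERT or setting APP_ADMIN_JWT_SECRET.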