feat(ops): emergency password-reset CLI + deployment docs
New CLI: bun run reset-password <email>

Two modes selected interactively:

- Recovery mode: if you still have the user's recovery code, unwrap the existing DEK with it and re-wrap with the new password. No data loss; the recovery code stays valid (mirrors /auth/recovery-complete).
- Nuke mode: if both password AND recovery code are gone, generate a fresh DEK + new recovery code (printed once), and DELETE the user's private activities — their ciphertext is permanently unrecoverable. Public/semi/friends rows and engagement (hearts/bookmarks/done) are preserved.

Both modes invalidate the user's sessions. Password length matches the signup/recovery rule (12 chars min). Wrong-recovery-code path aborts before any DB writes.

Hand-rolled line reader sidesteps a Bun quirk where node:readline only delivers the first answer when stdin is piped.

Also expand README's "Deployment" section: container snippet stays, plus new subsections for env vars, TLS termination (with a Caddyfile example), backup/restore via sqlite3 .backup, the /api/health healthcheck, upgrade flow, and a walkthrough of the reset CLI.
parent fb193b4914
commit ef02b3f585
3 changed files with 388 additions and 3 deletions
|
|
@ -10,7 +10,8 @@
|
|||
"build:frontend": "vite build --config frontend/vite.config.ts",
|
||||
"start": "NODE_ENV=production bun run server/index.ts",
|
||||
"test": "bun test",
|
||||
"typecheck": "tsc --noEmit && tsc --noEmit -p frontend/tsconfig.json"
|
||||
"typecheck": "tsc --noEmit && tsc --noEmit -p frontend/tsconfig.json",
|
||||
"reset-password": "bun run server/reset-password.ts"
|
||||
},
|
||||
"dependencies": {
|
||||
"hono": "^4.6.0",
|
||||
|
|
|
|||
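Review bot: The new "reset-password" script entry does not set NODE_ENV, while the "start" entry two lines above it runs with NODE_ENV=production. If the database path or any other configuration read by server/reset-password.ts depends on NODE_ENV, an operator running `bun run reset-password <email>` on the production host could open a different database than the live server uses, and in nuke mode that means row deletions and a new DEK written to the wrong place, or a reset that silently does not affect the real account. Either give the script the same environment as "start" or have the CLI print the resolved database path and ask for confirmation before any write. Since this script name is the only entry point for a destructive operation, it would also help to state in the README walkthrough which environment variables the CLI expects.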