Login/Register
What's the best way to add a default admin user in Node.js/MongoDB app?
Asked Answered
Solved node.jsmongodbmongooseadmin
R

2

8

So I have an application developed in Nodejs and is using the Mongodb/Mongoose database. Beside the application there is an admin panel where administrators can manage all the data added from regular users.

in the users schema I have following:

role: {
        type: String,
        default: "user",
        enum: ["user", "admin"]
    },

My questions is what's the best/secure way to add one or two admin users where they can sign in using the login form?

Roana answered 26/6, 2017 at 11:48 Comment(0)
M
5

You can use a script, say seed.js, to safely insert as many users with admin role as required.

//seed.js
var User = require('../path/to/user.js');

var user = {
    name: "Admin User",
    email: "[email protected]",
    role: "admin"
}

User.create(user, function(e) {
    if (e) {
        throw e;
    }
});

Require seed.js in your server.js or app.js script right after the connection to mongodb is made. Comment or remove this line when you are done seeding.

require('../path/to/seed');
Moa answered 26/6, 2017 at 15:0 Comment(1)
Great indeed. Solved my issue of creating users. Only if you want to handle if users have been already created or not then we have to handle that in exception (only if you have created indexes in mongoDB) .Fricassee
R
6

If you want to set up the admin with a password, you can define a folder, which contains some deployment files (which you obviously don't want to track using your cvs) and add the users in a JSON file:

mkdir .deploy
echo '.deploy' >> .gitignore
cd .deploy
touch users.json

and add the users config there:

{
  "users": [{
    name: "Admin User",
    username: "admin",
    email: "[email protected]",
    role: "admin",
    password: "some-long-password"
  }]
}

Then in your code at startup you check the project's filesystem for the users.json file. If it exists, create the new users and delete it, otherwise continue:

import fs from 'fs'

const User = require('../path/to/user.js');

const startup = () => {
  const path = '/path/to/users.json'
  fs.readFile(path, 'utf8', function (err, data) {
    if (err) return console.error(err)
    const usersConf = JSON.parse(data);
    usersConf.users.forEach(user => User.create(user))
    deleteUsers(path)
  })
}

const deleteUsers = (path) => {
  fs.unlink(path, (err) => {
    if (err) console.error(err)
  })
}

startup()

Of course this could also be written using async / await to prevent these nested callback.

You should write a check, if the user exists and ignore the user, because you may provide the users.json again the next time you deploy and update.

Ree answered 27/11, 2019 at 14:3 Comment(0)
M
5

You can use a script, say seed.js, to safely insert as many users with admin role as required.

//seed.js
var User = require('../path/to/user.js');

var user = {
    name: "Admin User",
    email: "[email protected]",
    role: "admin"
}

User.create(user, function(e) {
    if (e) {
        throw e;
    }
});

Require seed.js in your server.js or app.js script right after the connection to mongodb is made. Comment or remove this line when you are done seeding.

require('../path/to/seed');
Moa answered 26/6, 2017 at 15:0 Comment(1)
Great indeed. Solved my issue of creating users. Only if you want to handle if users have been already created or not then we have to handle that in exception (only if you have created indexes in mongoDB) .Fricassee

© 2022 - 2024 — McMap. All rights reserved.