change password for a user from the console on the same machine

[JuergeN]

Is there a way to change the password of a user from the console (cronjob), e.g. by using Danny's dm4client? If so, Danny could you please give me a short step-by-step howto. The user is 'testuser'. I know the previous password and I want to change it to a new one as part of a shell script on the same machine. Can you help me?

[jri]

You can do this via the DM4 Core REST API, e.g. via curl.
Tell me if you need further details.

[jri]

Oh, sorry, I was too quick. This will not work so easy.

You have to login first, that is creating a session, and then pass the session ID along with the update request. Otherwise you get a 401.
You could do this with curl and further scripting as well, but is cumbersome. Now I understand why you consider dm4client.

[JuergeN]

This issue is still unsolved for me. I need a shell script based solution to:

a) create a testuser with password from scratch or
b) change the password of existing testuser (knowing the old password)

I need this, so that we can start flooding the DM4-Demo-Server with useful content. The idea is, that registered people from the DM4 Community get a named account on the dm4ref instance running on the server. Then they can make nice maps and explain some of DM4 obsticals. Then I want to copy that database to the demo instance every night by a cronjob. But I really still need to add the testuser afterwords or just to change her password. It would be very helpful to solve this soon.

[jri]

Great idea!

You can create a User Account from a shell script this way:

curl -X POST -H 'Content-Type: application/json' -H 'Authorization: Basic YWRtaW46' -H 'Cookie: dm4_workspace_id=2234' -d '{
    type_uri: "dm4.accesscontrol.user_account",
    composite: {
        dm4.accesscontrol.username: "terry",
        dm4.accesscontrol.password: "-SHA256-a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3"
    }
}' http://localhost:8080/core/topic

4 parts here are variable:

• terry -- The username of the new user account.

• a665a4592042...ae3-- The SHA256 encoded password of the new user account.

Hint: to obtain a SHA256 value you can e.g. use the DM Webclient's JavaScript? console and type SHA256("secret").

Important: In the request the encoded password must be prefixed with -SHA256-.

• YWRtaW46 -- The Base64 encoded credentials of the admin user (resp. any user who is allowed to create user accounts).

Hint: to obtain Base64 encoded credentials you can e.g. use the browser's JavaScript? console and type btoa("admin:pass"). That is, username and passwort are separated by a colon. If the password is empty the colon must be included anyway.

Important: In the request header the encoded credentials must be prefixed with Basic and a space.

• 2234 -- The ID of the workspace the new user account is assigned to. This is probably the DeepaMehta worksapce in your case. The workspace assignment determines e.g. of which types the new user is allowed to create instances of. If the user account has no workspace assignment the user might not be able to create anything.

Hint: to obtain the ID of a workspace reveal it in the Webclient and read its ID in the browser URL. You could hardcode that ID in your script. The ID is different in every DM installation.

To obtain the workspace ID dynamically (instead of hardcoding it) you could do another request via curl to retrieve the workspace by its URI.

IMPORTANT: Do not create more than User Account with the same Username. While this is currently not rejected by DM it renders the User Account unusable. This is a known issue.

A final hint: User Accounts created via shell scripts do not allow the respective user to change hers password via Webclient. This is a known issue but probably not a problem in your case.

Tell me if you need any help.

[JuergeN]

Cool! Danke Jörg. Hat prima geklappt. Das Script dm4ref2demo.sh macht jetzt alles wunderbar automatisch. Es wird fortan jeden Morgen per cron ausgeführt (aktuell um 07:07).

[jri]

Super!