feat: protect control plane with admin login

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-06 01:43:13 -06:00
parent 76e9774c65
commit 678b5ae6b8
+4 -3
View File
@@ -19,6 +19,7 @@ const { spawn } = require("child_process")
const os = require("os")
const { createPool, runMigrations } = require("./lib/db.cjs")
const { required } = require("./lib/config.cjs")
const { adminCredentialsMatch, createSessionToken, hashSecret, parseCookies, serializeAdminCookie, clearAdminCookie } = require("./lib/security.cjs")
const { createAdminSession, validateAdminSession, revokeAdminSession } = require("./lib/admin-store.cjs")
const { readJsonBody, sendJson } = require("./lib/http.cjs")
@@ -1555,9 +1556,9 @@ const server = http.createServer(async (req, res) => {
async function main() {
if (DATABASE_URL) {
if (!ADMIN_USERNAME || !ADMIN_PASSWORD || ADMIN_PASSWORD.length < 16) {
throw new Error("HERMES_ADMIN_USERNAME and HERMES_ADMIN_PASSWORD (min 16 chars) required when DATABASE_URL is set")
}
required("HERMES_ADMIN_USERNAME")
const adminPw = required("HERMES_ADMIN_PASSWORD")
if (adminPw.length < 16) throw new Error("HERMES_ADMIN_PASSWORD must be at least 16 characters")
pool = createPool(DATABASE_URL)
await runMigrations(pool)
}