From d9a641f6d7378931f4599a9a12f934b71d71fd81 Mon Sep 17 00:00:00 2001
From: artemislena <artemis@artemislena.eu>
Date: Tue, 24 Oct 2023 19:33:08 +0200
Subject: [PATCH 1/5] T.: Document ways for resetting passwords just w standard
 shell utils

---
 docs/reset-password.md | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/docs/reset-password.md b/docs/reset-password.md
index 8147677..f4cc702 100644
--- a/docs/reset-password.md
+++ b/docs/reset-password.md
@@ -4,10 +4,11 @@ Resetting a user's invidious password needs you to edit the database.
 
 Firstly, generate a bcrypt-encrypted hash for the new password you want to set for the user.
 
-This can be done with the `bcrypt` python module, though there are other ways of doing the same.
+This can, for example, be done with the `bcrypt` python module or the `mkpasswd` shell utility (the latter should be preinstalled on most systems):
 
 ```
-python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))'
+python3 -c 'import bcrypt; print(bcrypt.hashpw(b"<INSERT PASSWORD HERE>", bcrypt.gensalt(rounds=10)).decode("ascii"))' # python
+mkpasswd --method=bcrypt-a -R 10 # mkpasswd
 ```
 
 To do so, first attach to the database:
@@ -23,3 +24,19 @@ UPDATE users SET password = 'HASH' WHERE email = 'USERNAME';
 ```
 
 After that, the password should be reset.
+
+This script bundles all needed commands so you don't have to enter everything manually every time, and also checks that the username exists before writing to the database:
+```sh
+#!/bin/sh
+set -e
+
+printf 'User ID: '
+read -r ID
+if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '$ID';\"" | tail -n 2 | head -n 1)" != '(1 row)' ]; then
+    echo 'Error: User ID does not exist'
+    exit 1
+fi
+
+HASH="$(mkpasswd --method=bcrypt-a -R 10)"
+su postgres -c "psql invidious -c \"UPDATE users SET password = '$HASH' WHERE email = '$ID';\""
+```

From 676a6800f74768d54a329e59c8b25ac6b62ad80c Mon Sep 17 00:00:00 2001
From: artemislena <artemis@artemislena.eu>
Date: Tue, 24 Oct 2023 19:33:28 +0200
Subject: [PATCH 2/5] T.: Document manual user registration

---
 docs/register-user.md | 28 ++++++++++++++++++++++++++++
 mkdocs.yml            |  1 +
 2 files changed, 29 insertions(+)
 create mode 100644 docs/register-user.md

diff --git a/docs/register-user.md b/docs/register-user.md
new file mode 100644
index 0000000..ce5e329
--- /dev/null
+++ b/docs/register-user.md
@@ -0,0 +1,28 @@
+# Registering users manually
+You might want to disable registration in your [instance config](/configuration), but still have a quick way to manually register users upon request. To do so, first set up a separate instance that only listens on localhost, has registration enabled,
+and captchas as well as background jobs disabled. Make sure you have a way to start it easily with just one or a few commands, e.g. via a systemd service. Then, use something like the script below (in the example, the instance is started via a systemd
+service called `podman-invidious_register`, and it listens on localhost port 21742. **Warning**: This script is vulnerable to SQL injections. Only use trusted inputs; if you want to make a custom signup form and use this as a backend, be sure to
+sanitize inputs.
+```sh
+#!/usr/bin/env bash
+set -e
+
+systemctl start podman-invidious_register
+
+CONTINUE='y'
+while [ "$CONTINUE" = 'y' ]; do
+    read -rp 'User ID: ' ID
+    if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '$ID';\"" | tail -n 2 | head -n 1)" != '(0 rows)' ]; then
+        echo 'Error: User ID is already taken'
+        continue
+    fi
+
+    read -rsp 'Password: ' PASSWORD
+
+    curl -L 'http://localhost:21742/login' --form-string "email=$ID" --form-string "password=$PASSWORD" -F 'action=signin' >/dev/null
+
+    read -rp 'Register more accounts? [y/N] ' CONTINUE
+done
+
+systemctl stop podman-invidious_register
+```
diff --git a/mkdocs.yml b/mkdocs.yml
index 2e5ee63..dd54c64 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -33,6 +33,7 @@ nav:
     - 'ipv6-rotator.md'
     - 'captcha-bug.md'
     - 'anti-captcha.md'
+    - 'register-user.md'
     - 'reset-password.md'
     - 'known-exception.md'
   - 'For Developers':

From 4adc95224bf0a806fbf9afcaa1cf291af4302afb Mon Sep 17 00:00:00 2001
From: artemislena <artemis@artemislena.eu>
Date: Sat, 16 Dec 2023 17:42:15 +0100
Subject: [PATCH 3/5] T.: Improved string escapes in our scripts

---
 docs/register-user.md  | 2 +-
 docs/reset-password.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/register-user.md b/docs/register-user.md
index ce5e329..f5e5dde 100644
--- a/docs/register-user.md
+++ b/docs/register-user.md
@@ -12,7 +12,7 @@ systemctl start podman-invidious_register
 CONTINUE='y'
 while [ "$CONTINUE" = 'y' ]; do
     read -rp 'User ID: ' ID
-    if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '$ID';\"" | tail -n 2 | head -n 1)" != '(0 rows)' ]; then
+    if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email = '\"'$ID'\"';\"" | tail -n 2 | head -n 1)" != '(0 rows)' ]; then
         echo 'Error: User ID is already taken'
         continue
     fi
diff --git a/docs/reset-password.md b/docs/reset-password.md
index f4cc702..3cd30c8 100644
--- a/docs/reset-password.md
+++ b/docs/reset-password.md
@@ -38,5 +38,5 @@ if [ "$(su postgres -c "psql invidious -c \"SELECT email FROM users WHERE email
 fi
 
 HASH="$(mkpasswd --method=bcrypt-a -R 10)"
-su postgres -c "psql invidious -c \"UPDATE users SET password = '$HASH' WHERE email = '$ID';\""
+su postgres -c "psql invidious -c \"UPDATE users SET password = '\"'$HASH'\"' WHERE email = '\"'$ID'\"';\""
 ```

From ac8e0b9fef1b8d7db23023c11f2498af7e09089f Mon Sep 17 00:00:00 2001
From: artemislena <artemis@artemislena.eu>
Date: Fri, 19 Apr 2024 20:26:37 +0200
Subject: [PATCH 4/5] T.: Don't change this file

---
 mkdocs.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/mkdocs.yml b/mkdocs.yml
index dd54c64..2e5ee63 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -33,7 +33,6 @@ nav:
     - 'ipv6-rotator.md'
     - 'captcha-bug.md'
     - 'anti-captcha.md'
-    - 'register-user.md'
     - 'reset-password.md'
     - 'known-exception.md'
   - 'For Developers':

From 26b6c6e883e49ee8911f60836356075f31854014 Mon Sep 17 00:00:00 2001
From: artemislena <artemis@artemislena.eu>
Date: Fri, 19 Apr 2024 20:26:51 +0200
Subject: [PATCH 5/5] T.: Add newline

---
 docs/register-user.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/register-user.md b/docs/register-user.md
index f5e5dde..0e6b024 100644
--- a/docs/register-user.md
+++ b/docs/register-user.md
@@ -1,4 +1,5 @@
 # Registering users manually
+
 You might want to disable registration in your [instance config](/configuration), but still have a quick way to manually register users upon request. To do so, first set up a separate instance that only listens on localhost, has registration enabled,
 and captchas as well as background jobs disabled. Make sure you have a way to start it easily with just one or a few commands, e.g. via a systemd service. Then, use something like the script below (in the example, the instance is started via a systemd
 service called `podman-invidious_register`, and it listens on localhost port 21742. **Warning**: This script is vulnerable to SQL injections. Only use trusted inputs; if you want to make a custom signup form and use this as a backend, be sure to