Merge 8057c40a51 into 909a9d0e85

Fix: Skip token creation when SUPERUSER_API_TOKEN is not set
Instead of generating a random unretrievable token, skip API token creation entirely when no explicit token is configured. Users can provision tokens via the API using username/password credentials.
2026-03-18 14:26:53 +00:00 · 2026-03-12 21:16:07 +00:00 · 2026-03-12 22:15:59 +01:00
1 changed files with 7 additions and 7 deletions
--- a/docker/super_user.py
+++ b/docker/super_user.py
@ -1,4 +1,3 @@
-import secrets
 from os import environ

 from django.conf import settings
@ -22,16 +21,17 @@ su_email = environ.get("SUPERUSER_EMAIL", "admin@example.com")
 su_password = _read_secret("superuser_password", environ.get("SUPERUSER_PASSWORD", "admin"))
 su_api_token = _read_secret(
    "superuser_api_token",
-    environ.get("SUPERUSER_API_TOKEN", secrets.token_hex(20)),
+    environ.get("SUPERUSER_API_TOKEN"),
 )

 if not User.objects.filter(username=su_name):
    u = User.objects.create_superuser(su_name, su_email, su_password)
-    msg = ""
-    if not settings.API_TOKEN_PEPPERS:
+    if not su_api_token:
+        print("⚠️ No API token will be created as SUPERUSER_API_TOKEN is not set")
+        print(f"💡 Superuser Username: {su_name}, E-Mail: {su_email}")
+    elif not settings.API_TOKEN_PEPPERS:
        print("⚠️ No API token will be created as API_TOKEN_PEPPERS is not set")
-        msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}"
+        print(f"💡 Superuser Username: {su_name}, E-Mail: {su_email}")
    else:
        t = Token.objects.create(user=u, token=su_api_token, version=TokenVersionChoices.V2)
-        msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}, API Token: {t} (use with '{t.get_auth_header_prefix()}<Your token>')"
-    print(msg)
+        print(f"💡 Superuser Username: {su_name}, E-Mail: {su_email}, API Token: {t}")
Author	SHA1	Message	Date
Valentin Lobstein	5a0c4677a0	Merge `8057c40a51` into `909a9d0e85`	2026-03-12 21:16:07 +00:00
Valentin Lobstein	8057c40a51	Fix: Skip token creation when SUPERUSER_API_TOKEN is not set Instead of generating a random unretrievable token, skip API token creation entirely when no explicit token is configured. Users can provision tokens via the API using username/password credentials.	2026-03-12 22:15:59 +01:00