Skip to main content

Overview

EverShop provides CLI commands to manage admin users without accessing the database directly. These commands handle password hashing and validation automatically.

Available Commands

  • evershop user:create - Create a new admin user
  • evershop user:changePassword - Change an admin user’s password

user:create

Create a new admin user account.

Usage

evershop user:create --name "Full Name" --email [email protected] --password SecurePass123

Options

OptionAliasRequiredDescription
--name-nYesAdmin user’s full name
--email-eYesAdmin user’s email address
--password-pYesAdmin user’s password

Examples

Basic Usage

evershop user:create \
  --name "John Doe" \
  --email [email protected] \
  --password MyPassword123

Using Short Flags

evershop user:create -n "Jane Smith" -e [email protected] -p SecurePass456

Get Help

evershop user:create --help

Password Requirements

Passwords must:
  • Be at least 8 characters long
  • Contain at least one letter
  • Contain at least one digit
// From src/bin/user/create.js
function isValidPassword(password) {
  return password.length >= 8;
}

Email Validation

Email addresses must be valid format: 
function isValidEmail(email) {
  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
}

Implementation Details

The command:
  1. Validates input parameters
  2. Hashes the password using bcrypt
  3. Inserts or updates the user in the database
  4. Uses insertOnUpdate to handle duplicate emails
await insertOnUpdate('admin_user', ['email'])
  .given({
    full_name,
    email,
    password: hashPassword(password)
  })
  .execute(pool);

Success Output

$ evershop user:create -n "Admin" -e [email protected] -p TestPass123
Admin user created successfully

Error Handling

Invalid Email

$ evershop user:create -n "Test" -e invalid-email -p Pass123
Error: Invalid email format

Weak Password

$ evershop user:create -n "Test" -e [email protected] -p short
Error: Invalid password. Password must be at least 8 characters long

Missing Required Field

$ evershop user:create -e [email protected] -p Pass123
Error: Missing required argument: name

user:changePassword

Change the password for an existing admin user.

Usage

evershop user:changePassword --email [email protected] --password NewPassword123

Options

OptionAliasRequiredDescription
--email-eYesAdmin user’s email address
--password-pYesNew password

Examples

Basic Usage

evershop user:changePassword \
  --email [email protected] \
  --password NewSecurePass123

Using Short Flags

evershop user:changePassword -e [email protected] -p NewPass456

Get Help

evershop user:changePassword --help

Password Requirements

Same requirements as user:create:
  • Minimum 8 characters
  • At least one letter
  • At least one digit

Implementation Details

The command:
  1. Validates the new password
  2. Checks if the user exists
  3. Hashes the new password
  4. Updates the database
// Find user
const user = await select()
  .from('admin_user')
  .where('email', '=', email)
  .load(pool);

if (!user) {
  throw new Error('User not found');
}

// Update password
await update('admin_user')
  .given({ password: hashPassword(password) })
  .where('admin_user_id', '=', user.admin_user_id)
  .execute(pool);

Success Output

$ evershop user:changePassword -e [email protected] -p NewPass123
Password is updated successfully

Error Handling

User Not Found

$ evershop user:changePassword -e [email protected] -p Pass123
Error: User not found

Weak Password

$ evershop user:changePassword -e [email protected] -p short
Error: Invalid password. Password must be at least 8 characters long

Missing Required Field

$ evershop user:changePassword -e [email protected]
Error: Missing required argument: password

Password Hashing

All passwords are hashed using bcrypt: 
import bcrypt from 'bcryptjs';

export function hashPassword(password) {
  return bcrypt.hashSync(password, 10);
}

Database Schema

Admin users are stored in the admin_user table: 
CREATE TABLE "admin_user" (
  "admin_user_id" INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
  "uuid" UUID NOT NULL DEFAULT gen_random_uuid(),
  "status" boolean NOT NULL DEFAULT TRUE,
  "email" varchar NOT NULL UNIQUE,
  "password" varchar NOT NULL,
  "full_name" varchar DEFAULT NULL,
  "created_at" TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
  "updated_at" TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);

Security Best Practices

Strong Passwords

Use strong passwords with:
  • At least 12 characters (longer than minimum)
  • Mix of uppercase and lowercase
  • Numbers and special characters
  • No common words or patterns

Avoid Command History

Passwords in command line are visible in shell history. For production: 
# Use environment variables
USER_PASSWORD="SecurePass123"
evershop user:create -n "Admin" -e [email protected] -p "$USER_PASSWORD"

# Clear history after
history -d -1

Use Interactive Prompts

For sensitive operations, consider using a script with interactive prompts: 
#!/bin/bash
read -p "Email: " EMAIL
read -sp "Password: " PASSWORD
echo
evershop user:create -n "Admin" -e "$EMAIL" -p "$PASSWORD"

Use Cases

Initial Admin Setup

After installation: 
evershop user:create \
  -n "System Administrator" \
  -e [email protected] \
  -p "YourSecurePassword123"

Creating Multiple Admins

# Create marketing admin
evershop user:create \
  -n "Marketing Team" \
  -e [email protected] \
  -p "Marketing2024!"

# Create support admin
evershop user:create \
  -n "Support Team" \
  -e [email protected] \
  -p "Support2024!"

Password Reset

When an admin forgets their password: 
evershop user:changePassword \
  -e [email protected] \
  -p "NewPassword123"

Account Recovery

If locked out of admin panel: 
# Change password via CLI
evershop user:changePassword \
  -e [email protected] \
  -p "RecoveryPass123"

# Login with new password

Automation Scripts

Bulk User Creation

#!/bin/bash
# create_admins.sh

USERS=(
  "Admin One:[email protected]:Pass1234"
  "Admin Two:[email protected]:Pass5678"
  "Admin Three:[email protected]:Pass9012"
)

for user in "${USERS[@]}"; do
  IFS=':' read -r NAME EMAIL PASSWORD <<< "$user"
  evershop user:create -n "$NAME" -e "$EMAIL" -p "$PASSWORD"
done

Password Rotation

#!/bin/bash
# rotate_password.sh

EMAIL="$1"
NEW_PASSWORD=$(openssl rand -base64 12)

evershop user:changePassword -e "$EMAIL" -p "$NEW_PASSWORD"
echo "New password for $EMAIL: $NEW_PASSWORD"

Troubleshooting

Database Connection Error

Error: Connection terminated
Solution: Ensure .env file exists with database credentials.

User Already Exists

The user:create command uses insertOnUpdate, so it will update the existing user if the email already exists: 
# First time - creates user
evershop user:create -n "Admin" -e [email protected] -p Pass123

# Second time - updates user
evershop user:create -n "Admin Updated" -e [email protected] -p Pass456

Permission Denied

Error: permission denied for table admin_user
Solution: Verify database user has proper permissions: 
GRANT ALL PRIVILEGES ON TABLE admin_user TO your_db_user;
  • evershop install - Initial setup with first admin user
  • evershop start - Start the server to login

Admin Panel Access

After creating users, access the admin panel: 
URL: http://localhost:3000/admin
Email: [email protected]
Password: YourPassword123

Build docs developers (and LLMs) love

Get started for freeTalk to us