Merge pull request #6 from nullmedium/initial-user-setup

Make first user the admin.
2025-07-01 12:44:50 +02:00
parent 042a44bead 0693169839
commit 7e4093a770
1 changed files with 21 additions and 7 deletions
--- a/app.py
+++ b/app.py
@@ -262,19 +262,33 @@ def register():
            
        if error is None:
            try:
+                # Check if this is the first user account
+                is_first_user = User.query.count() == 0
+                
                new_user = User(username=username, email=email, is_verified=False)
                new_user.set_password(password)
                
+                # Make first user an admin with full privileges
+                if is_first_user:
+                    new_user.is_admin = True
+                    new_user.role = Role.ADMIN
+                    new_user.is_verified = True  # Auto-verify first user
+                
                # Generate verification token
                token = new_user.generate_verification_token()
                
                db.session.add(new_user)
                db.session.commit()
                
-                # Send verification email
-                verification_url = url_for('verify_email', token=token, _external=True)
-                msg = Message('Verify your TimeTrack account', recipients=[email])
-                msg.body = f'''Hello {username},
+                if is_first_user:
+                    # First user gets admin privileges and is auto-verified
+                    logger.info(f"First user account created: {username} with admin privileges")
+                    flash('Welcome! You are the first user and have been granted administrator privileges. You can now log in.', 'success')
+                else:
+                    # Send verification email for regular users
+                    verification_url = url_for('verify_email', token=token, _external=True)
+                    msg = Message('Verify your TimeTrack account', recipients=[email])
+                    msg.body = f'''Hello {username},

 Thank you for registering with TimeTrack. To complete your registration, please click on the link below:

@@ -287,10 +301,10 @@ If you did not register for TimeTrack, please ignore this email.
 Best regards,
 The TimeTrack Team
 '''
-                mail.send(msg)
-                logger.info(f"Verification email sent to {email}")
+                    mail.send(msg)
+                    logger.info(f"Verification email sent to {email}")
+                    flash('Registration initiated! Please check your email to verify your account.', 'success')
                
-                flash('Registration initiated! Please check your email to verify your account.', 'success')
                return redirect(url_for('login'))
            except Exception as e:
                db.session.rollback()