feat: initial version

Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>

scripts/configure.sh

@@ -43,50 +43,38 @@ main() {
         return 1
     fi
     
-    # Authenticate with default password first
+    # Set current password (start with generated one)
-    log_info "Authenticating with Stalwart API..."
+    local current_password="$DEFAULT_ADMIN_PASSWORD"
-    local auth_token
+    
-    if ! auth_token=$(authenticate "$DEFAULT_ADMIN_PASSWORD"); then
+    # Test authentication with generated password
-        log_error "Failed to authenticate with default admin password"
+    log_info "Verifying API access with generated password..."
-        log_info "This might mean Stalwart has already been configured"
+    if ! test_auth "$current_password"; then
-        
+        log_error "Failed to authenticate with generated password"
-        # Try with provided password if different
+        return 1
-        if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$DEFAULT_ADMIN_PASSWORD" ]; then
-            log_info "Trying with provided admin password..."
-            if ! auth_token=$(authenticate "$ADMIN_PASSWORD"); then
-                log_error "Failed to authenticate with provided password"
-                return 1
-            fi
-        else
-            return 1
-        fi
     fi
     
-    log_success "Authentication successful"
+    log_success "API authentication verified"
     
-    # Update admin password if provided and different from default
+    # Update admin password if provided and different from generated one
-    if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$DEFAULT_ADMIN_PASSWORD" ]; then
+    if [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "$current_password" ]; then
         log_info "Updating admin password..."
-        if update_admin_password "$auth_token" "$ADMIN_PASSWORD"; then
+        if update_admin_password "$current_password" "$ADMIN_PASSWORD"; then
             log_success "Admin password updated successfully"
-            # Re-authenticate with new password
+            current_password="$ADMIN_PASSWORD"
-            if ! auth_token=$(authenticate "$ADMIN_PASSWORD"); then
-                log_error "Failed to re-authenticate with new password"
-                return 1
-            fi
         else
-            log_warning "Failed to update admin password, continuing with default"
+            log_error "Failed to update admin password"
+            return 1
         fi
     else
-        log_info "No admin password provided, keeping default (changeme)"
+        log_info "No custom admin password provided"
-        log_warning "⚠️  Remember to change the default password!"
+        log_warning "⚠️  Using generated password. Save it securely!"
     fi
     
     # Create domains if provided
     if [ -n "$DOMAINS_JSON" ]; then
         log_info "Creating domains..."
         if validate_json "$DOMAINS_JSON"; then
-            create_domains "$auth_token" "$DOMAINS_JSON"
+            create_domains "$current_password" "$DOMAINS_JSON"
         else
             log_error "Invalid domains JSON format"
             return 1
@@ -99,7 +87,7 @@ main() {
     if [ -n "$USERS_JSON" ]; then
         log_info "Creating users..."
         if validate_json "$USERS_JSON"; then
-            create_users "$auth_token" "$USERS_JSON"
+            create_users "$current_password" "$USERS_JSON"
         else
             log_error "Invalid users JSON format"
             return 1
@@ -133,62 +121,57 @@ wait_for_stalwart_api() {
     return 1
 }
 
-# Authenticate with Stalwart API
+# Test authentication with Stalwart API
 # Args: $1 = password
-# Returns: JWT token on stdout
+# Returns: 0 if auth works, 1 otherwise
-authenticate() {
+test_auth() {
     local password="$1"
     
-    local response
-    local token
     local http_code
     
-    # Stalwart uses Basic Authentication
+    # Test with a simple API call to get account info
-    response=$(curl -s -w "\n%{http_code}" -X GET "${API_URL}/authenticate" \
+    http_code=$(curl -s -o /dev/null -w "%{http_code}" \
-        -u "admin:${password}" 2>&1)
+        -u "admin:${password}" \
+        "${API_URL}/accounts")
+    
+    if [ "$http_code" = "200" ]; then
+        return 0
+    else
+        log_error "API test failed with HTTP $http_code"
+        return 1
+    fi
+}
+
+# Update admin password
+# Args: $1 = current password, $2 = new password
+update_admin_password() {
+    local current_password="$1"
+    local new_password="$2"
+    
+    local http_code
+    local response
+    
+    response=$(curl -s -w "\n%{http_code}" -X PUT "${API_URL}/account/admin" \
+        -u "admin:${current_password}" \
+        -H "Content-Type: application/json" \
+        -d "{\"password\":\"${new_password}\"}" 2>&1)
     
     http_code=$(echo "$response" | tail -n 1)
     response=$(echo "$response" | sed '$d')
     
-    if [ "$http_code" != "200" ]; then
+    if [ "$http_code" = "200" ] || [ "$http_code" = "204" ]; then
-        log_error "Authentication failed with HTTP $http_code"
+        return 0
+    else
+        log_error "Password update failed with HTTP $http_code"
         log_error "Response: $response"
         return 1
     fi
-    
-    token=$(echo "$response" | jq -r '.data // empty' 2>/dev/null)
-    
-    if [ -z "$token" ]; then
-        log_error "No token in response"
-        log_error "Response: $response"
-        return 1
-    fi
-    
-    echo "$token"
-    return 0
-}
-
-# Update admin password
-# Args: $1 = auth token, $2 = new password
-update_admin_password() {
-    local token="$1"
-    local new_password="$2"
-    
-    local response
-    response=$(curl -sf -X PUT "${API_URL}/account/admin" \
-        -H "Authorization: Bearer ${token}" \
-        -H "Content-Type: application/json" \
-        -d "{\"password\":\"${new_password}\"}" 2>&1) || {
-        return 1
-    }
-    
-    return 0
 }
 
 # Create domains from JSON array
-# Args: $1 = auth token, $2 = domains JSON array
+# Args: $1 = password, $2 = domains JSON array
 create_domains() {
-    local token="$1"
+    local password="$1"
     local domains_json="$2"
     
     local domain_count
@@ -228,7 +211,7 @@ create_domains() {
         
         # Create domain via API
         if curl -sf -X POST "${API_URL}/domain" \
-            -H "Authorization: Bearer ${token}" \
+            -u "admin:${password}" \
             -H "Content-Type: application/json" \
             -d "$domain" >/dev/null 2>&1; then
             log_success "✓ Created domain: $domain_name"
@@ -246,9 +229,9 @@ create_domains() {
 }
 
 # Create users from JSON array
-# Args: $1 = auth token, $2 = users JSON array
+# Args: $1 = password, $2 = users JSON array
 create_users() {
-    local token="$1"
+    local password="$1"
     local users_json="$2"
     
     local user_count
@@ -297,7 +280,7 @@ create_users() {
         
         # Create user via API
         if curl -sf -X POST "${API_URL}/account" \
-            -H "Authorization: Bearer ${token}" \
+            -u "admin:${password}" \
             -H "Content-Type: application/json" \
             -d "$payload" >/dev/null 2>&1; then
             log_success "✓ Created user: $email"