auth/bootstrap_account.ts

Bootstrap flow for creating the first account.

Uses an atomic bootstrap_lock table to prevent TOCTOU race conditions. Token verification and account creation happen in a single transaction.

Declarations

bootstrap_account

(deps: BootstrapAccountDeps, provided_token: string, input: BootstrapAccountInput): Promise<BootstrapAccountResult>

Bootstrap the first account with keeper and admin privileges.

Uses an atomic bootstrap_lock UPDATE to prevent concurrent bootstrap attempts (TOCTOU). The full flow runs in a single transaction:

1. Read and verify the bootstrap token (before transaction)
2. Hash the password (CPU-intensive, before transaction)
3. Acquire the bootstrap lock atomically (inside transaction)
4. Create account + actor
5. Grant keeper and admin permits (no expiry, granted_by = null)
6. Delete the token file (after commit, reported via token_file_deleted)

deps

database, token path, filesystem callbacks, and password hashing

provided_token

the bootstrap token from the user

type string

input

username and password

returns

Promise<BootstrapAccountResult>

the created account, actor, and permits — or a bootstrap failure
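
The race that the atomic bootstrap_lock UPDATE closes, as an added example (not code from auth/bootstrap_account.ts): a synchronous simulation in which generators stand in for concurrent requests and each `yield` is a point where another request can run. `FakeDb`, the `bootstrapped` flag and every function name here are assumptions made for the illustration.

```typescript
// Constructed in-memory stand-in for the database; `bootstrapped` is an assumed column name.
interface FakeDb { accounts: string[]; bootstrap_lock: { bootstrapped: boolean } }
const new_db = (): FakeDb => ({ accounts: [], bootstrap_lock: { bootstrapped: false } });
// Each `yield` is a point where another request can be scheduled (I/O, password hashing).
type Attempt = Generator<void, boolean, void>;

// Racy pattern: check, then act. The gap between the two is the TOCTOU window.
function* check_then_create(db: FakeDb, username: string): Attempt {
  const is_empty = db.accounts.length === 0; // time of check
  yield;
  if (!is_empty) return false;
  db.accounts.push(username); // time of use, based on a stale check
  return true;
}

// Models a conditional UPDATE that flips the flag only while it is still false
// and returns the affected row count; check and set are one indivisible step.
function claim_lock(db: FakeDb): number {
  if (db.bootstrap_lock.bootstrapped) return 0;
  db.bootstrap_lock.bootstrapped = true;
  return 1;
}

function* lock_then_create(db: FakeDb, username: string): Attempt {
  yield;
  if (claim_lock(db) !== 1) return false; // lost the race: fail closed
  yield;
  db.accounts.push(username);
  return true;
}

// Round-robin scheduler: advances every pending attempt one step per pass.
function run_concurrently(attempts: Attempt[]): boolean[] {
  const results: boolean[] = attempts.map(() => false);
  let pending = attempts.map((attempt, index) => ({ attempt, index }));
  while (pending.length > 0) {
    pending = pending.filter(({ attempt, index }) => {
      const step = attempt.next();
      if (step.done) results[index] = step.value;
      return !step.done;
    });
  }
  return results;
}

// Runs two simultaneous bootstrap attempts and reports how many succeeded.
function race(make: (db: FakeDb, username: string) => Attempt) {
  const db = new_db();
  const results = run_concurrently([make(db, 'alice'), make(db, 'bob')]);
  return { wins: results.filter(Boolean).length, accounts: db.accounts.length };
}
```

`race(check_then_create)` ends with two first accounts, while `race(lock_then_create)` ends with exactly one because the second attempt sees zero affected rows.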

BootstrapAccountDeps

Dependencies for bootstrap_account.

db

type Db

token_path

Path to the bootstrap token file on disk.

type string

read_file

Read a file's contents as a string.

type (path: string) => Promise<string>

delete_file

Delete a file.

type (path: string) => Promise<void>

password

Only hashing is needed — verification happens separately during login.

type Pick<PasswordHashDeps, 'hash_password'>

log

Structured logger instance.

type Logger

BootstrapAccountFailure

BootstrapAccountInput

BootstrapAccountResult

BootstrapAccountSuccess

Successful bootstrap result with the created entities.

ok

type true

account

type Account

actor

type Actor

permits

type {keeper: Permit; admin: Permit}

token_file_deleted

Whether the bootstrap token file was successfully deleted after account creation.

type boolean
