From f99bba70f68f0c537d2ecfc80f055fc3dd821b28 Mon Sep 17 00:00:00 2001
From: John Cardinal <support@ayanova.com>
Date: Fri, 11 Mar 2022 21:08:57 +0000
Subject: [PATCH] auto pre-fill superuser creds if default

---
 server/AyaNova/Controllers/NotifyController.cs |  5 +++--
 server/AyaNova/biz/UserBiz.cs                  | 10 ++++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/server/AyaNova/Controllers/NotifyController.cs b/server/AyaNova/Controllers/NotifyController.cs
index f4bed2be..e04dc789 100644
--- a/server/AyaNova/Controllers/NotifyController.cs
+++ b/server/AyaNova/Controllers/NotifyController.cs
@@ -50,14 +50,15 @@ namespace AyaNova.Api.Controllers
             if (AyaNova.Core.License.ActiveKey.Status == AyaNova.Core.License.AyaNovaLicenseKey.LicenseStatus.ActiveTrial)
                 showSampleLogins = await AyaNova.Util.DbUtil.DBHasTrialUsersAsync(ct, log);
 
+            bool suIsDefault = await UserBiz.SuperIsDefaultCredsAsync(ct);
             //confirm if there are logo's to show as well
             var logo = await ct.Logo.AsNoTracking().SingleOrDefaultAsync();
             if (logo == null)
             {
-                return Ok(ApiOkResponse.Response(new { eval = showSampleLogins, ll = false, ml = false, sl = false, lcr = AyaNova.Core.License.LicenseConsentRequired }));
+                return Ok(ApiOkResponse.Response(new { eval = showSampleLogins, sudf = suIsDefault, ll = false, ml = false, sl = false, lcr = AyaNova.Core.License.LicenseConsentRequired }));
             }
             return Ok(ApiOkResponse.Response(
-                new { eval = showSampleLogins, ll = logo.Large != null ? true : false, ml = logo.Medium != null ? true : false, sl = logo.Small != null ? true : false, lcr = AyaNova.Core.License.LicenseConsentRequired }));
+                new { eval = showSampleLogins, sudf = suIsDefault, ll = logo.Large != null ? true : false, ml = logo.Medium != null ? true : false, sl = logo.Small != null ? true : false, lcr = AyaNova.Core.License.LicenseConsentRequired }));
         }
 
 
diff --git a/server/AyaNova/biz/UserBiz.cs b/server/AyaNova/biz/UserBiz.cs
index dddbc516..05c509e2 100644
--- a/server/AyaNova/biz/UserBiz.cs
+++ b/server/AyaNova/biz/UserBiz.cs
@@ -1020,6 +1020,16 @@ namespace AyaNova.Biz
             return DownloadUser;
         }
 
+        //Used to offer default login in pre-login ping for login form
+        internal static async Task<bool> SuperIsDefaultCredsAsync(AyContext ct)
+        {
+            var su = await ct.User.AsNoTracking().Where(z => z.Id == 1).Select(z => new { z.Salt, z.Login, z.Password }).SingleOrDefaultAsync();
+            if (su == null) return false;//not expected but best not to crash out on this one
+            if (su.Login == "superuser" && Hasher.hash(su.Salt, "l3tm3in") == su.Password)
+                return true;
+            return false;
+        }
+
         ////////////////////////////////////////////////////////////////////////////////////////////////
         //REPORTING
         //