From 3ed2c75b30a8f47772113511a2974d2102e05a96 Mon Sep 17 00:00:00 2001
From: Antoine Gersant <antoine.gersant@lesforges.org>
Date: Mon, 3 Jul 2017 16:15:54 -0700
Subject: [PATCH] Bypass auth requirement for first time flow

---
 src/api.rs | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/api.rs b/src/api.rs
index 4eff209..ec66fe8 100644
--- a/src/api.rs
+++ b/src/api.rs
@@ -174,13 +174,20 @@ impl Handler for AuthHandler {
 		{
 			let mut auth_success = false;
 
+			// Skip auth for first time setup
+			if user::count(self.db.deref())? == 0 {
+				auth_success = true;
+			}
+
 			// Auth via Authorization header
-			if let Some(auth) = req.headers.get::<Authorization<Basic>>() {
-				if let Some(ref password) = auth.password {
-					auth_success =
-						user::auth(self.db.deref(), auth.username.as_str(), password.as_str())?;
-					req.extensions
-						.insert::<SessionKey>(Session { username: auth.username.clone() });
+			if !auth_success {
+				if let Some(auth) = req.headers.get::<Authorization<Basic>>() {
+					if let Some(ref password) = auth.password {
+						auth_success =
+							user::auth(self.db.deref(), auth.username.as_str(), password.as_str())?;
+						req.extensions
+							.insert::<SessionKey>(Session { username: auth.username.clone() });
+					}
 				}
 			}
 
@@ -193,7 +200,6 @@ impl Handler for AuthHandler {
 			if !auth_success {
 				return Err(Error::from(ErrorKind::AuthenticationRequired).into());
 			}
-
 		}
 
 		self.handler.handle(req)