Recover admin password


#1

Hi,

I have not set email settings to recover passwords, and unfortunately I have forgotten the admin password for the service. I have root access to my server, is there a way to recover admin password manually?


#2

You’d need to modify your database with an appropriate query. You didn’t say what DB you have.


#3

I’m using mysql, I thought of that when I faced the problem and after downloading the db file and browsing the data, I saw the passwords are hashed(obviously!). How can I replace the data with appropriate new one?


#4

I’ve tried a few new installs, and turned on mysql logging on a Centos 7 VM.

Then I watched the queries gogs did on mysql.

I’ve created a second user called “bsd”. His password was “bsdbsd”. His email was “bsd@bsd.bsd”. That’s the first query.

User creation with bsdbsd password:

INSERT INTO user (lower_name,name,full_name,email,passwd,login_type,login_source,login_name,type,location,website,rands,salt,created_unix,updated_unix,last_repo_visibility,max_repo_creation,is_active,is_admin,allow_git_hook,allow_import_local,avatar,avatar_email,use_custom_avatar,num_followers,num_following,num_stars,num_repos,description,num_teams,num_members) VALUES (‘bsd’, ‘bsd’, ‘’, ‘bsd@bsd.bsd’, ‘b01562888fe574f50e377bd3daf42c7b13b34e17f7a0b5b2b520acea3236c197b872e95cb0ef66431fea3e51213d17751dbc’, 0, 0, ‘’, 0, ‘’, ‘’, ‘7ylMHhIXqJ’, ‘viW2edsnJL’, 1464369280, 1464369280, 0, -1, 1, 0, 0, 0, ‘79923314ea8a9c81d1db03e75ed12127’, ‘bsd@bsd.bsd’, 0, 0, 0, 0, 0, ‘’, 0, 0)

Then I’ve made him admin and ticked all privileges in the user administration tab:

UPDATE user SET lower_name = ‘bsd’, name = ‘bsd’, full_name = ‘’, email = ‘bsd@bsd.bsd’, passwd = ‘b01562888fe574f50e377bd3daf42c7b13b34e17f7a0b5b2b520acea3236c197b872e95cb0ef66431fea3e51213d17751dbc’, login_type = 0, login_source = 0, login_name = ‘’, type = 0, location = ‘’, website = ‘’, rands = ‘7ylMHhIXqJ’, salt = ‘viW2edsnJL’, created_unix = 1464369280, updated_unix = 1464369338, last_repo_visibility = 0, max_repo_creation = -1, is_active = 1, is_admin = 1, allow_git_hook = 1, allow_import_local = 1, avatar = ‘79923314ea8a9c81d1db03e75ed12127’, avatar_email = ‘bsd@bsd.bsd’, use_custom_avatar = 0, num_followers = 0, num_following = 0, num_stars = 0, num_repos = 0, description = ‘’, num_teams = 0, num_members = 0 WHERE id = 2

Running the first query would create bsd user on your server. On the second query you’d need to change the WHERE id = number to which is the number of order number bsd user.

The first user is id = 1. You should see id number by issuing in mysql console:

use your_gogs_db

select * from user;


Non-interactive installs
#5

I just had to recover a pure sqlite3 admin user. Here are the steps if you’re on sqlite3 only:

  1. stop gogs (service gogs stop)
  2. copy data/gogs.db somewhere safe (cp ~/gogs/data/gogs.db /tmp/)
  3. stat gogs (service gogs start)
  4. login and create a new admin user
  5. stop gogs (service gogs stop)
  6. sqlite3 data/gogs.db
  7. select salt, passwd from user where id=1; (you’ll see something like 3452345|jnkmrefnkn34kj34j5
  8. copy all this info down. then .exit
  9. copy back the good db (cp /tmp/gogs.db ~/gogs/data/)
  10. sqlite3 data/gogs.db
  11. update user set salt=3452345, passwd=‘jnkmrefnkn34kj34j5’ where id=1; (fill in the data with the actual info you copied), then .exit
  12. start gogs back up and login