ARTICLE AD BOX
How do I create the initial admin user in my Spring Boot 4 application?
At first, my signup endpoint simply accepted an array of roles in the DTO. But, I concluded, it's a bad idea.
Then, I considered inserting it in the Liquibase YAML. But there's the password hashing function in the app itself (BCrypt), so I don't imagine how it could be replicated in the YAML. Unless, I get the hash by external means (there are BCrypt web services available on the internet) and simply hardcode it in the YAML. But still, I would have to manually insert into the user-role join table (role is a separate table, a requirement). I'm not even sure how to do it in the Liquibase YAML without hardcoding the admin role and admin user UUIDs – at this point they are generated with valueComputed: "gen_random_uuid()". I guess I could do another valueComputed trick, but it's not going to look pretty.
I could in theory listen to some Spring event (e.g. ApplicationReadyEvent) and insert both roles and the root admin into the table there (first, making sure they don't already exist). Or include it in a CommandLineRunner. In other words, integrate it into some Spring startup logic. Admin username and password could sit in the properties file.
Anyway, what is the most appropriate way, in your view? You don't have to pick one of my approaches.
It doesn't necessarily have to be "best practice", production-ready as long as it's reasonable. It's a project for a job application (not Google or other fancy-pants company).
