fix: fix: disinto init fails on re-run — admin token name collision (#266)

Delete any existing token with the same name before creating a fresh one, so that sha1 is always returned by the create response. The list API does not return sha1 (Forgejo redacts it for security), making the old fallback unreliable. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-06 08:19:58 +00:00 · 2026-04-06 08:19:58 +00:00 · 580de95f9e
commit 580de95f9e
parent f04a57e6db
1 changed files with 13 additions and 9 deletions
--- a/bin/disinto
+++ b/bin/disinto
@ -752,7 +752,19 @@ setup_forge() {
    echo "Human user: ${human_user} (already exists)"
  fi

-  # Get or create admin token
+  # Delete existing admin token if present (token sha1 is only returned at creation time)
+  local existing_token_id
+  existing_token_id=$(curl -sf \
+    -u "${admin_user}:${admin_pass}" \
+    "${forge_url}/api/v1/users/${admin_user}/tokens" 2>/dev/null \
+    | jq -r '.[] | select(.name == "disinto-admin-token") | .id') || existing_token_id=""
+  if [ -n "$existing_token_id" ]; then
+    curl -sf -X DELETE \
+      -u "${admin_user}:${admin_pass}" \
+      "${forge_url}/api/v1/users/${admin_user}/tokens/${existing_token_id}" >/dev/null 2>&1 || true
+  fi
+
+  # Create admin token (fresh, so sha1 is returned)
  local admin_token
  admin_token=$(curl -sf -X POST \
    -u "${admin_user}:${admin_pass}" \
@ -761,14 +773,6 @@ setup_forge() {
    -d '{"name":"disinto-admin-token","scopes":["all"]}' 2>/dev/null \
    | jq -r '.sha1 // empty') || admin_token=""

-  if [ -z "$admin_token" ]; then
-    # Token might already exist — try listing
-    admin_token=$(curl -sf \
-      -u "${admin_user}:${admin_pass}" \
-      "${forge_url}/api/v1/users/${admin_user}/tokens" 2>/dev/null \
-      | jq -r '.[0].sha1 // empty') || admin_token=""
-  fi
-
  if [ -z "$admin_token" ]; then
    echo "Error: failed to obtain admin API token" >&2
    exit 1