Commit b9c5721c authored by Lloyd Hilaiel's avatar Lloyd Hilaiel

generate a persistent secret for cookie encryption at first server run. still...

generate a persistent secret for cookie encryption at first server run.  still in pursuit of zero-config and as stateless as possible.
parent 7b4ceda4
*.sekret
...@@ -276,4 +276,4 @@ exports.pubkeysForEmail = function(identity, cb) { ...@@ -276,4 +276,4 @@ exports.pubkeysForEmail = function(identity, cb) {
} }
cb(keys); cb(keys);
}); });
}; };
\ No newline at end of file
...@@ -4,10 +4,13 @@ const path = require('path'), ...@@ -4,10 +4,13 @@ const path = require('path'),
httputils = require('./httputils.js'), httputils = require('./httputils.js'),
connect = require('connect'), connect = require('connect'),
webfinger = require('./webfinger.js'), webfinger = require('./webfinger.js'),
sessions = require('cookie-sessions'); sessions = require('cookie-sessions'),
secrets = require('./secrets.js');
const STATIC_DIR = path.join(path.dirname(__dirname), "static"); const STATIC_DIR = path.join(path.dirname(__dirname), "static");
const COOKIE_SECRET = secrets.hydrateSecret('cookie_secret', __dirname);
exports.handler = function(request, response, serveFile) { exports.handler = function(request, response, serveFile) {
// dispatch! // dispatch!
var urlpath = url.parse(request.url).pathname; var urlpath = url.parse(request.url).pathname;
...@@ -42,7 +45,7 @@ exports.handler = function(request, response, serveFile) { ...@@ -42,7 +45,7 @@ exports.handler = function(request, response, serveFile) {
exports.setup = function(server) { exports.setup = function(server) {
var week = (7 * 24 * 60 * 60 * 1000); var week = (7 * 24 * 60 * 60 * 1000);
server.use(sessions({ server.use(sessions({
secret: 'v3wy s3kr3t', secret: COOKIE_SECRET,
session_key: "browserid_state", session_key: "browserid_state",
path: '/' path: '/'
})); }));
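Review bot: `secrets.hydrateSecret('cookie_secret', __dirname)` runs at require time and, on first run, writes the secret file into the directory that holds the server's own code, so the service account needs write access to its code tree. A deployment that keeps that tree read-only for the server process will throw while loading this module, and one that loosens it gives up a useful least-privilege boundary. Consider taking the directory from configuration with `__dirname` as the fallback, e.g. `secrets.hydrateSecret('cookie_secret', process.env.SECRETS_DIR || __dirname)` (variable name illustrative). A comment above `COOKIE_SECRET` should also say that deleting the file presumably invalidates every existing session cookie.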
......
const path = require('path'),
fs = require('fs');
function generateSecret() {
var str = "";
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
for (var i=0; i < 128; i++) {
str += alphabet.charAt(Math.floor(Math.random() * alphabet.length));
}
return str;
}
exports.hydrateSecret = function(name, dir) {
var p = path.join(dir, name + ".sekret");
var fileExists = false;
var secret = undefined;
try{ secret = fs.readFileSync(p).toString(); } catch(e) {};
if (secret === undefined) {
console.log("Generating server secret ("+name+")...");
secret = generateSecret();
fs.writeFileSync(p, secret);
}
return secret;
};
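Review bot: generateSecret() builds the cookie secret from `Math.random()`, which is not a cryptographic generator, so the 128 characters are far more predictable than their length suggests. Take the bytes from `crypto.randomBytes` instead, which needs `crypto = require('crypto')` added to the require list at the top of the file. In hydrateSecret the empty `catch(e) {}` treats every read failure as a first run, and an existing but empty file is accepted as the secret because only `undefined` is tested. `fs.writeFileSync(p, secret)` also creates the file with umask-default permissions rather than owner-only. The unused `fileExists` local can be dropped.

```javascript
function generateSecret() {
  // 96 bytes from the OS CSPRNG encode to exactly 128 base64 characters
  return crypto.randomBytes(96).toString('base64');
}

exports.hydrateSecret = function(name, dir) {
  var p = path.join(dir, name + ".sekret");
  var secret;
  try {
    secret = fs.readFileSync(p).toString();
  } catch (e) {
    // only a missing file means "first run"; any other error should surface
    if (e.code !== 'ENOENT') throw e;
  }
  if (!secret) {
    // … unchanged: console.log and the generateSecret() assignment …
    // owner read/write only; the mode applies when the file is created
    fs.writeFileSync(p, secret, { mode: 0o600 });
  }
  return secret;
};
```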