Store OpenID cookie secret in settings db and make it unique per instance

Johannes Zellner
2023-07-25 12:36:32 +02:00
parent be24ed64f8
commit e13d905f32
2 changed files with 26 additions and 2 deletions


@@ -7,6 +7,9 @@ exports = module.exports = {
getTimeZone,
setTimeZone,
getCookieSecret,
setCookieSecret,
getCloudronName,
setCloudronName,
@@ -119,6 +122,7 @@ exports = module.exports = {
// strings
AUTOUPDATE_PATTERN_KEY: 'autoupdate_pattern',
TIME_ZONE_KEY: 'time_zone',
CLOUDRON_COOKIE_SECRET_KEY: 'cookie_secret',
CLOUDRON_NAME_KEY: 'cloudron_name',
LANGUAGE_KEY: 'language',
CLOUDRON_ID_KEY: 'cloudron_id',
@@ -175,6 +179,7 @@ const gDefaults = (function () {
const result = { };
result[exports.AUTOUPDATE_PATTERN_KEY] = cron.DEFAULT_AUTOUPDATE_PATTERN;
result[exports.TIME_ZONE_KEY] = 'UTC';
result[exports.CLOUDRON_COOKIE_SECRET_KEY] = '';
result[exports.CLOUDRON_NAME_KEY] = 'Cloudron';
result[exports.DYNAMIC_DNS_KEY] = false;
result[exports.IPV6_CONFIG_KEY] = {
@@ -332,6 +337,19 @@ async function getTimeZone() {
return tz;
}
async function getCookieSecret() {
const secret = await get(exports.CLOUDRON_COOKIE_SECRET_KEY);
return secret;
}
async function setCookieSecret(secret) {
assert.strictEqual(typeof secret, 'string');
if (!secret) throw new BoxError(BoxError.BAD_FIELD, 'secret is empty');
await set(exports.CLOUDRON_COOKIE_SECRET_KEY, secret);
}
async function getCloudronName() {
const name = await get(exports.CLOUDRON_NAME_KEY);
if (name === null) return gDefaults[exports.CLOUDRON_NAME_KEY];
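Review bot: `getCookieSecret()` returns the raw result of `get()` with no fallback, so on an instance where nothing has been stored yet the caller gets whatever `get()` yields for a missing key (the neighbouring `getCloudronName()` treats that as `null`), and the `''` default added to `gDefaults` is never applied by this getter. Whatever code uses the value for cookie signing has to treat both `null` and `''` as "not generated yet" and generate and persist a secret from a CSPRNG before use; that caller is presumably in the other changed file, which is not visible here, so please confirm it does. I would document this on the getter, e.g. `// returns null or '' until a secret has been generated; callers must not sign cookies with that value`, and have `setCookieSecret()` reject short values as well as empty ones, e.g. `if (secret.length < 32) throw new BoxError(BoxError.BAD_FIELD, 'secret is too short');` (threshold to be matched to the generator's output length). Because the secret now lives in the settings table, it is also worth checking that no code path that lists or exports all settings returns the `cookie_secret` key.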