mirror/wakapi
1
0
Fork 0
mirror of https://github.com/muety/wakapi.git synced 2023-08-10 21:12:56 +03:00
Code Issues Projects Releases Wiki Activity

chore: reuse securecookie keys in dev mode (resolve #463)

Browse Source
This commit is contained in:
Ferdinand Mütsch
2023-03-03 21:44:13 +01:00
parent a6ef735ba1
commit 6c75bb5d21
2 changed files with 53 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
config/config.go
View File

@@ -395,10 +395,18 @@ func Load(version string) *Config {
config.InstanceId = uuid.NewV4().String()
config.App.Colors = readColors()
config.Db.Dialect = resolveDbDialect(config.Db.Type)
config.Security.SecureCookie = securecookie.New(
securecookie.GenerateRandomKey(64),
securecookie.GenerateRandomKey(32),
)
var hashKey []byte
var blockKey []byte
if IsDev(env) {
logbuch.Warn("using temporary keys to sign and encrypt cookies in dev mode, make sure to set env to production for real-world use")
hashKey, blockKey = getTemporarySecureKeys()
} else {
hashKey = securecookie.GenerateRandomKey(64)
blockKey = securecookie.GenerateRandomKey(64)
}
config.Security.SecureCookie = securecookie.New(hashKey, blockKey)
config.Security.SessionKey = securecookie.GenerateRandomKey(32)
if strings.HasSuffix(config.Server.BasePath, "/") {