Add signing secret to config

2022-01-19 22:28:08 +01:00 · 2022-01-19 22:28:08 +01:00 · 5ffef4f6ad
commit 5ffef4f6ad
parent e1ed7cce66
4 changed files with 26 additions and 16 deletions
--- a/config.go
+++ b/config.go
@ -13,6 +13,7 @@ type ServerConfig struct {
 	LogLevel      string             `toml:"LogLevel"`
 	URL           string             `toml:"URL"`
 	ListenAddr    string             `toml:"ListenAddr"`
+	SigningSecret string             `toml:"SigningSecret"`
 	Store         *ServerStoreConfig `toml:"Store"`
 }

@ -54,6 +55,10 @@ func (sc *ServerConfig) updateFromEnv() {
 		sc.ListenAddr = value
 	}

+	if value, ok := os.LookupEnv("GPASTE_SIGNINGSECRET"); ok {
+		sc.SigningSecret = value
+	}
+
 	if value, ok := os.LookupEnv("GPASTE_STORE_TYPE"); ok {
 		sc.Store.Type = value
 	}
--- a/config_test.go
+++ b/config_test.go
@ -16,6 +16,7 @@ func TestServerConfig(t *testing.T) {
 LogLevel = "INFO"
 URL = "http://paste.example.org"
 ListenAddr = ":8080"
+SigningSecret = "abc999"

 [Store]
 Type = "fs"
@ -26,6 +27,7 @@ Dir = "/tmp"
 			LogLevel:      "INFO",
 			URL:           "http://paste.example.org",
 			ListenAddr:    ":8080",
+			SigningSecret: "abc999",
 			Store: &gpaste.ServerStoreConfig{
 				Type: "fs",
 				FS: &gpaste.ServerStoreFSStoreConfig{
@ -52,12 +54,14 @@ Dir = "/tmp"
 			"GPASTE_URL":           "http://gpaste.example.org",
 			"GPASTE_STORE_TYPE":    "fs",
 			"GPASTE_LISTENADDR":    ":8000",
+			"GPASTE_SIGNINGSECRET": "test1345",
 			"GPASTE_STORE_FS_DIR":  "/tmp",
 		}
 		expected := &gpaste.ServerConfig{
 			LogLevel:      "DEBUG",
 			URL:           "http://gpaste.example.org",
 			ListenAddr:    ":8000",
+			SigningSecret: "test1345",
 			Store: &gpaste.ServerStoreConfig{
 				Type: "fs",
 				FS: &gpaste.ServerStoreFSStoreConfig{
--- a/http.go
+++ b/http.go
@ -30,7 +30,7 @@ func NewHTTPServer(cfg *ServerConfig) *HTTPServer {
 	}
 	srv.Files = NewMemoryFileStore()
 	srv.Users = NewMemoryUserStore()
-	srv.Auth = NewAuthService(srv.Users, []byte("test1235"))
+	srv.Auth = NewAuthService(srv.Users, []byte(srv.config.SigningSecret))

 	r := chi.NewRouter()
 	r.Use(middleware.RealIP)
--- a/http_test.go
+++ b/http_test.go
@ -15,6 +15,7 @@ import (

 func TestHandlers(t *testing.T) {
 	cfg := &gpaste.ServerConfig{
+		SigningSecret: "abc123",
 		Store: &gpaste.ServerStoreConfig{
 			Type: "memory",
 		},